IT Enterprise Risk Analyst jobs in United States
cer-icon
Apply on Employer Site
company-logo

City of Tucson · 1 day ago

IT Enterprise Risk Analyst

positionCity of Tucson - Information Technology
timeFull-time
remoteOnsite
seniorityMid Level
money$29.23/hr - $43.85/hr
date3+ years exp

The City of Tucson’s Information Technology Department is seeking an IT Enterprise Risk Analyst to support their Governance, Risk, and Compliance efforts. The role involves developing, implementing, and maintaining IT policies, procedures, and controls to ensure compliance and protect data and IT infrastructure.

Business DevelopmentGovernmentInformation ServicesOnline PortalsTravel
badNo H1BnoteU.S. Citizen Onlynote

Responsibilities

Analyzes and supports the development of IT Governance, Identify and Mitigate risks (GRC) frameworks, policies, standards, procedures, and governance controls in collaboration with teams and subject matter experts (SMEs). Provides guidance on understanding and adhering to established policies and procedures with IT teams embedded in partner departments. Recommends and implements improvements documenting identified risks, risk score, mitigation strategies, contingency plans, and monitoring activities
Supports the development and maintenance of a comprehensive risk register, tracking identified risks, risk scores, mitigation strategies, contingency plans, and monitoring activities. Contributes to the definition and continuous improvement of key risk indicators (KRIs) and performance metrics to assess program effectiveness
Conducts and facilitates IT risk assessments to identify and evaluate potential threats, vulnerabilities, and impacts on tech-enabled business operations. Assesses risks associated with third-party vendors and service providers. Supports internal and external audits by gathering evidence, preparing documentation, and addressing audit findings
Performs gap analyses and compliance assessments to identify areas for improvement and ensure adherence to IT GRC standards. Maintains an up-to-date knowledge base for IT GRC-related information to support ongoing compliance and risk management efforts. Monitors organization-wide compliance with administrative directives and policies, external regulations (e.g. PCI, HIPAA, CJIS, etc.), and other IT governance requirements for corrective measures
Identifies opportunities for process improvements by working with SMEs to enhance risk management and compliance practices. Educates employees on IT standards, policies and compliance obligations
Assists in IT incident response, documenting findings, supporting remediation and root cause analysis efforts, and assessing security and compliance impacts. Assists in the development and implementation of risk mitigation strategies and controls to enhance IT security and compliance
Performs all other duties and tasks as assigned

Qualification

IT governanceRisk managementIT controlsCloud computingRisk assessment methodologiesIT audit processesChange managementMetricsScriptingData protection regulationsDocumentation skills

Required

Bachelor's Degree
Three (3) years of relevant experience
A valid and unrestricted driver's license with two (2) years of licensed driving
Experience in IT governance, risk management, and a basic understanding of IT controls and security
Understanding of core IT concepts including fundamental knowledge of operating systems, networking basics, knowledge of cloud computing, and a basic understanding of scripting
Knowledge of industry-standard data and privacy protection regulations
Familiarity with risk assessment methodologies
Understanding of IT audit processes and security controls
Adept documentation skills demonstrated through experience in documenting IT policies, controls and creating compliance reports
Understanding of change management and the use of metrics

Preferred

Three years of experience as an Enterprise Risk Analyst, IT GRC Analyst or in a related role

Benefits

Medical
Dental
Vision
Life
Disability
FSA coverage
Pension plan
Optional Roth and pretax deferred compensation savings
38 paid days off in the first year of employment
Twelve weeks of paid parental leave
Paid tuition reimbursement
Student loan repayment
Off- and on-the-job training
Paid volunteer hours

Company

City of Tucson

twittertwittertwitter
company-logo
City of Tucson is a government organization that focuses to manage all municipal operations with updated information services online.
dateFounded in 1775
location
Tucson, Arizona, USA
people-size1001-5000 employees
web-link
https://www.tucsonaz.gov

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Anna Rosenberry, CPA
Chief Financial Officer - Assistant City Manager
linkedin
leader-logo
Fatima Luna
Chief Resilience Officer
linkedin

Recent News

Global Water Resources, Inc.
Global Water Resources Reports Third Quarter 2025 Results
2025-11-14
Arizona Daily Star
City funding cuts to put pressure on Winterhaven Festival
2025-10-27
Arizona Daily Star
Developers now plan to air-cool Project Blue at original Pima County site
2025-09-19
Company data provided by crunchbase