Technology Risk/Control Analyst

Job Summary:
We are seeking an experienced Technology Risk/Control Analyst - Banking - to assess and ensure the security, integrity, and compliance of IT systems within banking operations. This role is critical in evaluating IT governance, cybersecurity controls, data protection, and regulatory compliance across banking technology platforms. The ideal candidate will have a deep understanding of financial regulations (e.g., FFIEC, SOX, GLBA, PCI-DSS, Basel III) and best practices in IT risk management.
Key Responsibilities:

• Plan and execute IT audits focused on cybersecurity, cloud computing, IT governance, and data privacy in alignment with banking regulations.
• Assess the effectiveness of IT controls related to banking systems, payment platforms, fraud prevention, and core banking applications.
• Ensure compliance with banking industry regulations, including FFIEC, GLBA, SOX, PCI-DSS, Basel III, NIST, and ISO 27001.
• Evaluate cybersecurity measures to identify vulnerabilities in network security, access controls, and incident response.
• Collaborate with IT, risk management, and compliance teams to enhance security policies and mitigate risks.
• Provide recommendations to improve IT controls, reduce risk exposure, and enhance overall banking technology security.
• Prepare detailed audit reports for senior management, outlining risks, findings, and remediation strategies.
• Monitor and follow up on audit findings, ensuring timely resolution of identified issues.
• Stay updated on emerging IT risks and financial industry regulations to enhance audit methodologies.

Required Qualifications:

• Bachelor’s degree in information technology, Computer Science, Accounting, or a related field.
• 3+ years of experience in IT auditing, cybersecurity, or risk management within the banking or financial industry.
• Strong knowledge of banking regulations and IT frameworks, including FFIEC, SOX, GLBA, PCI-DSS, NIST, COBIT, and ISO 27001.
• Familiarity with banking technologies, such as core banking systems, payment networks (SWIFT, ACH), digital banking platforms, and cloud security.
• Proficiency in cybersecurity auditing, including penetration testing, access controls, and data encryption.
• Excellent analytical, problem-solving, and report-writing skills.
• Strong communication skills to work with technical and non-technical stakeholders.

Preferred Qualifications:

• Certified Information Systems Auditor (CISA) – Highly Preferred
• Other relevant certifications: CISSP, CRISC, CISM, CPA (with IT audit focus)
• Prior experience with regulatory audits from OCC, FDIC, or CFPB