Technology Risk Analyst

The Technology Risk Analyst serves as a Governance Risk and Compliance subject matter professional responsible for ensuring enterprise adherence to regulatory requirements internal policies and compliance program standards. This role provides lead responsibilities over Governance function including Policy Governance Policy Exception Management Metrics and Risk Monitoring while partnering with senior stakeholders to assess risk influence control design and strengthen the organizations overall compliance posture.

• Compliance &Controls Validation

• Serve as a subject matter expert for SOC PCI SOX NYDFS and other regulatory compliance frameworksprovidingstrategic guidance to business and technology leadership.

• Leadcompliancerisk assessments and influence control design decisions across complex business processes and systems.

• Partner with senior leadership to align compliance initiatives with organizational risk tolerance and businessobjectives.

• Audit Support

• Act as the primary liaison for external auditors and third-party assessors for assigned audits.

• Lead audit walkthroughs represent management positions and provide risk-basedchallengeto audit findings whenappropriate.

• Drive enterprise-level remediation efforts ensuring sustainable corrective actions rather than one-time fixes.

• Policy & Process

• Own the lifecycle management of compliance policiesstandard and procedures including governance approval and enterprise rollout.

• Own Policy Exception Management process including intake reviewreportingand periodic renewal process

• Translate regulatory and audit requirements into actionable business and technical controls.

• Influencegovernance practices across multiple business organizations to improve compliance maturity.
• Establish a repeatable Metrics & Monitoring capability to give leadership visibility into technology risk posture while also formalizing our Policy Exception Management process
• Reporting

• Develop executive-level reporting on compliance posture risk trends and remediation progress.

• Present compliance insights and recommendations to senior management and cross-functional leadership.

• Continuous Improvement

• Proactivelymonitorregulatory changes and assess business impact drivingtimelyprogram updates.

• Mentor and provide guidance to junior compliance analysts reviewing workproductfor quality and consistency.

• Own the administrationconfigurationand optimization of GRC tooling and workflows to support scalable risk control and issue management.

• Champion automation and data-driven approaches to reduce fragmentation of risk and control information and improve operational usability at scale.

• Identifyopportunities to reduce compliance burden whilemaintainingstrong control environments.

• Bachelors degree inBusiness Information Systems or related field.

• Experience:4 years in compliance internal audit or risk management roles.

• Certifications:Preferred CISA CISM or equivalent.

• Strong knowledge of SOX SOC PCI and IT governance frameworks.

• Excellent analytical communication and stakeholder management skills.