IT Policy Exceptions Analyst

Job Summary:

Join our dynamic IT Policy Exceptions team and play a critical role in safeguarding technology standards across our independent financial branches. As a Senior Analyst, you will be the trusted expert who evaluates and manages IT Policy Exception requests, ensuring that deviations are properly assessed, documented, and mitigated. This position combines technical expertise with strong business acumen and client-facing skills, making it ideal for professionals who thrive at the intersection of cybersecurity and financial services.

Essential Duties and Responsibilities:

• Lead IT Policy Exception Management: Administer and track exception requests using ServiceNow, ensuring accuracy and compliance.
• Partner with Advisors: Collaborate with financial advisors and their technology teams to document requests and provide clear guidance.
• Risk Assessment & Mitigation: Analyze policy deviations, assess associated risks, identify compensating controls, and recommend remediation strategies.
• Communicate with Impact: Engage with advisors via email, chat, and phone to deliver exceptional support and clarity on IT security requirements.
• Drive Continuous Improvement: Troubleshoot issues, resolve challenges, and contribute to process enhancements that strengthen our risk posture.

Qualifications External Knowledge, Skills, and Abilities:

• Proven ability to interpret and communicate technical and non-technical policy requirements.
• Strong knowledge of IT Security principles, risk management, and controls.
• Exceptional organizational and project management skills to prioritize high-visibility requests.
• Ability to translate complex IT security concepts for audiences with varying technical backgrounds.
• Experience with ServiceNow policy or exception management (is a plus).
• Analytical mindset to identify issues, compare data, and recommend effective solutions.
• Collaborative approach to building relationships and delivering outstanding client service.

Education/Previous Experience:

• Minimum of a Bachelor's degree in Cybersecurity, Computer Science, MIS or related degree and three (3) to five (5) years of relevant experience or combination of education, training and experience.
• Experience in IT Risk Management and/or managing IT Policies and Standards Experience within a highly regulated environment like Financial Services preferred.
• Professional certifications such as, Certified Information Systems Security Professional (CISSP), GCCC or Certified Information Systems Auditor (CISA) or other cybersecurity certifications are differentiators.