Technical Risk Analyst

Overview

Performs the identification, documentation, and evaluation of security operational controls as part of Navy Federal's Security Governance, and Risk, program. Conducts formal assessments of controls following the Enterprise Risk Management Framework, directly supporting the planning and execution of assessment activities. Evaluates both the design and operational effectiveness of security controls by defining and completing comprehensive test plans and procedures. Collaborates with system owners, process owners, and technical teams to review assessment outcomes and communicate findings and recommendations effectively. Maintains a comprehensive understanding of industry leading practices and Navy Federal's internal security processes to confirm adherence to regulatory requirements. Works independently with minimal supervision and applies thorough knowledge of business goals to advance key operational initiatives.

Responsibilities

• Independently leads efforts to identify and assess technical risks related to security infrastructure, applications, systems, and data through comprehensive Risk and Control Self-Assessment (RCSA) testing.
• Evaluate the design and effectiveness of security controls, document findings, and confirm that controls meet regulatory and organizational standards.
• Identify security control gaps, weaknesses, and recommend improvements.
• Assess whether risk management practices within security control environments are consistent with applicable regulatory requirements and recognized industry standards (such as NIST, FFIEC, NCUA, and GLBA).
• Facilitates the incorporation of lessons learned, feedback, and new risk insights into future assessments of security controls.
• Prepare and present regular reports to senior management and stakeholders on the status of technical risks, trends, and improvement opportunities.
• Keep thorough and precise records of risk and control evaluations and confirm RCSA documentation is up to date within the organization's GRC platform.
• Analyze innovative technologies in relation to security business processes to assess associated risks.
• Function as a subject matter advisor on security operational risk and provide guidance to process owners and senior management.
• Actively identify opportunities to improve organizational risk assessment processes, reporting practices, and related tools by aligning with industry leading practices.
• Promote a culture of risk awareness and proactive risk management throughout the organization.
• Foster a collaborative, inclusive, and people-centered workplace that values and empowers every team member.

Qualifications

• Bachelor's degree in Information Technology, Computer Information Systems, Risk Management, or related field, or equivalent experience.
• Experience in the banking or financial services sector, concentrating on Information Security and Information Technology risk management.
• Hands-on experience testing, documenting, and reporting on risks and controls across information security, cybersecurity, and IT governance domains.
• Hands-on experience identifying and assessing risks specifically within information security and cybersecurity processes and procedures.
• Hands-on experience overseeing audit and control assessments in regulated settings.
• Hands-on experience collaborating with staff, management, stakeholders, and vendors at all levels.
• Advanced knowledge of regulatory requirements and industry standards, including NIST, FFIEC, NCUA, and GLBA.
• Advanced ability to build effective relationships through rapport, trust, diplomacy, and tact.
• Excellent analytical, problem-solving, and decision-making skills.
• Strong interpersonal and communication skills, with the ability to convey complex risk concepts to non-technical stakeholders.
• Ability to effectively manage multiple tasks while adjusting to evolving priorities.

Desired Qualifications

• Master's Degree in related field or equivalent combination of training, education, and experience.
• Relevant industry certifications (e.g., CRISC, CISA, CIA) are preferred.
• Working knowledge of Navy Federal's mission, objectives, functions, and policies

Hours: Monday - Friday, 8:00AM - 4:30PM

Location: 820 Follin Lane, Vienna, VA 22180

About Us
Navy Federal provides much more than a job. We provide a meaningful career experience, including a culture that is energized, engaged and committed; and fierce appreciation for our teams, who are rewarded with highly competitive pay and generous benefits and perks.

Our approach to careers is simple yet powerful: Make our mission your passion.

Fortune 100 Best Companies to Work For 2025

Yello and WayUp Top 100 Internship Programs

Computerworld Best Places to Work in IT

Newsweek Most Loved Workplaces

2025 PEOPLE Companies That Care

Newsweek Most Trustworthy Companies in America

Military Times 2025 Best for Vets Employers

Best Companies for Latinos to Work for 2024

Forbes 2025 America's Best Large Employers

Forbes 2025 America's Best Employers for New Grads

Forbes 2025 America's Best Employers for Tech Workers

2025 RippleMatch Campus Forward Award Winner for Overall Excellence

Military.com Top Military Spouse Employers 2025

2025 Handshake Early Talent Award

From Fortune . 2025 Fortune Media IP Limited. All rights reserved. Used under license. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of, Navy Federal Credit Union.

Equal Employment Opportunity: All qualified applicants will receive consideration for employment without regard to age, race, sex, color, religion, national origin, disability, veteran status, pregnancy, sexual orientation, genetic information, gender identity or any other basis protected by applicable law.

Disclaimers: Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position. Job postings are subject to close early or extend out longer than the anticipated closing date at the hiring team's discretion based on qualified applicant volume. Navy Federal Credit Union assesses market data to establish salary ranges that enable us to remain competitive. You are paid within the salary range, based on your experience, location and market position. For additional details regarding compensation and benefits, review the Benefits page of the Navy Federal Career Site.

Protect Yourself from Job Scams: Navy Federal Credit Union jobs are posted on our career site, jobs.navyfederal.org and reputable job boards (e.g., LinkedIn, Indeed). We do not post jobs on social media marketplaces, messaging apps or unverified websites. We will never ask candidates for payment, bank details or personal financial information during the hiring process.

Bank Secrecy Act: Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.