Technical Risk Analyst

The Technical Risk Analyst is responsible for identifying, assessing, and mitigating technical risks, cyber threats, and ensuring operational resilience across the enterprise. This role safeguards the organization's technology infrastructure, applications, and data by collaborating with cross-functional teams to implement effective risk management strategies.

The ideal candidate will possess a strong understanding of risk assessment frameworks, cybersecurity principles, and IT operations. This position involves conducting risk assessments, supporting compliance initiatives, and promoting risk awareness throughout the organization.

• Conduct risk assessments and vulnerability analyses on existing and emerging technologies.

• Collaborate with IT and Information Security teams to identify potential risks and develop mitigation strategies.

• Monitor and analyze security incidents and trends to strengthen risk management practices.

• Assist in the development, documentation, and implementation of risk management policies and procedures.

• Stay informed on industry regulations, standards, and best practices related to information security and risk management.

• Participate in audits and compliance assessments to ensure adherence to internal and external regulatory standards.

• Prepare and deliver risk reports for senior management, highlighting findings, trends, and mitigation progress.

• Work cross-functionally to promote risk awareness and foster a culture of proactive risk management.

• Assist with managing third-party/vendor risks by evaluating external service providers and ensuring compliance with enterprise standards.

• Support continuous improvement initiatives by identifying emerging risks and recommending process enhancements.

• Bachelor's degree in Computer Science, Information Technology, Risk Management, or a related field (or equivalent combination of training, education, and experience).

• 10+ years of experience in risk analysis, information security, or a related field.

• Hands-on experience with risk assessment frameworks (e.g., NIST, ISO 27001, or COBIT).

• Strong understanding of information technology, cybersecurity, network infrastructure, and cloud computing.

• Experience conducting risk identification, evaluation, and mitigation planning.

• Proven ability to interpret technical data and assess its impact on business operations.

• Strong analytical skills to assess risks and determine effective mitigation strategies.

• Excellent verbal and written communication skills for stakeholder reporting and cross-functional collaboration.

• Strong attention to detail when evaluating risk factors, control measures, and compliance issues.

• Ability to identify potential technical risks and propose practical, actionable solutions.

• Knowledge of regulatory compliance requirements related to cybersecurity and risk management.

• Experience contributing to or leading technical risk reviews within large-scale enterprise environments.

• Demonstrated ability to support audit readiness and control framework alignment (NIST, ISO, COBIT).