IT Risk Management Analyst

Job Responsibilities:

• Identify and analyze IT risks, security threats, and vulnerabilities within the organization's infrastructure, applications, and systems.
• Conduct IT risk assessments and develop risk treatment plans.
• Maintain a risk register to track identified risks and remediation progress.
• Ensure compliance with standard frameworks such as ISO 27001, NIST, etc.
• Support the development and maintenance of IT risk policies, procedures, and best practices.
• Recommend and implement risk mitigation strategies to protect critical assets.
• Work with Information Security, IT Infrastructure team, BCM team to assess and strengthen risk monitoring and security controls.
• Monitor IT control effectiveness and suggest improvements where needed.
• Support the organization’s incident response process by analyzing potential IT incidents and recommending risk-based corrective actions.
• Prepare IT risk reports and dashboards for senior management and stakeholders.
• Work closely with IT, Information Security, Compliance, and business teams to integrate risk management into daily operations.
• Conduct IT risk awareness training for employees and management.

Job Requirements:

• Bachelor’s degree in Information Technology, Cybersecurity, Risk Management, or a related field.
• 2+ years of experience in IT risk management or cybersecurity.
• Experience in IT audits, security assessments, or regulatory compliance is a plus.
• Good knowledge of IT risk frameworks (NIST, ISO 27001, COBIT, etc.).
• Understanding of cybersecurity principles and vulnerability management.
• Proficiency in cloud security (AWS, Azure, Google Cloud, etc) is a plus.
• Strong analytical and problem-solving skills.
• Excellent communication and reporting abilities.
• Ability to work collaboratively across teams and adapt to changing priorities.
• Certifications (Preferred but Not Required): CISA, CISSP, CompTIA Security+, etc.