Analyst, IT Security

This position follows our hybrid workstyle policy: Expected to be in a Raymond James office location a minimum of 10-12 days a month. Please note: This role is not eligible for Work Visa sponsorship, either currently or in the future. Experience: Foundational knowledge of IT risk and control concepts Experience with programming, data analysis, or system testing Experience with data analysis, scripting, or programming (e.g., Python, SQL, PowerShell) Understanding of software development lifecycle (SDLC) and QA/testing methodologies (unit, integration, UAT) Ability to design and execute test cases, including edge cases and negative scenarios Experience working with data sets, normalization, and comparison/reconciliation techniques Familiarity with cybersecurity concepts and frameworks (e.g., vulnerability management, compliance standards) Strong analytical, problem-solving, and critical thinking skills Ability to document processes, testing results, and control narratives clearly for audit purposes Responsibilities: Gather information and analyze risk data for recommendations to the risk modeling and risk scenarios. Develop knowledge and understanding of the organization's policies and procedures and of relevant regulatory codes and codes of conduct to ensure own work adheres to those standards. Obtain authorization from a supervisor or manager for any exceptions from mandatory procedure. Interpret data and identify possible answers. Involves navigating a wide variety of processes, procedures, and precedents. Implement required security measures, such as firewalls or message encryption, monitoring performance to notify security experts of any problems. Skills: Identify, assess, prioritize and manage risks. Exposure to QA/testing practices or software development environments Strong interest in cybersecurity, risk, and control assurance Ability to analyze data, identify patterns, and troubleshoot discrepancies Strong communication skills with ability to document findings clearly Create reports, and review reports created by others, for various audiences as relevant, in a lucid and effective manner, keeping in mind the purpose of reports. Model, analyze, assess, and quantify the impact and probability of various risk scenarios, and select the most appropriate course of action for the given situation. Analyze potential solutions and create recommendations based on the expected benefits, costs, and overall value of the solution for key stakeholders.