Principal IT Risk Analyst- Infrastructure

DescriptionPrincipal IT Risk Analyst (Infrastructure)The Principal IT Risk Analyst (Infrastructure) is responsible for providing oversight and governance of technology risks to ensure the organization operates in a safe and sound manner within regulatory expectations. This position is a backfill and will join a first-line risk team working directly with enterprise technology enablement teams (e.g., Cloud based Infrastructure, Storage, IT Operations) to proactively identify, assess, and mitigate risk aligned with the enterprise risk appetite framework and industry best practices.ResponsibilitiesServe as a technical Subject Matter Expert on projects and working groups, identifying risks and controls inherent in cloud hosted infrastructure, storage, and IT Operations.Collaborate with technical teams to document process maps, procedures, control adequacy worksheets, control test steps, and job aids using Visio, Confluence, and other enterprise documentation tools.Respond to internal and external audits, regulatory exams, and other requests for information. Assist in evaluating findings and implementing corrective actions.Identify risk issues, document them in GRC Archer, manage action plans, and provide evidence for closure.Engage in Third Party Risk Management Program activities to manage technology risk for related service providers in assigned areas.Analyze and interpret risk and security data from tools such as GRC, Splunk, DataDog, ServiceNow, Nexus, and Qualys to identify trends and gaps.Partner with risk colleagues to complete RCSAs, ad-hoc risk assessments, procedure updates, and other risk management activities.Develop well-written, data-driven risk reports within deadlines.Act as a liaison with business stakeholders to identify, track, and manage technology risk exposure.Manage multiple time-sensitive workloads using Jira and other productivity tools.Stay current on changes to infrastructure processes, internal policies, and industry trends to assess potential risk impacts.Build strong relationships with business partners, Audit, Governance teams, and SMEs to support risk mitigation.Experience and SkillsTechnical knowledge in Infrastructure, Storage, and Cloud Infrastructure.Familiarity with:Storage solutions and cyber recovery best practicesOperating systems: RHEL, Windows, VMware ESXSecurity tools: Qualys, Wiz, Splunk, CyberArkNetwork and infrastructure security best practicesExperience with tools like Excel, ServiceNow, DataDog, Tableau, or Grafana for data analysis and reporting.Understanding of control frameworks (NIST, CoBIT, ITIL) and risk self-assessment.Strong interpersonal, analytical, and writing skills.Ability to work in a fast-paced, ambiguous environment with multiple priorities.Education* Minimum 7-10 years in IT, risk management, or internal audit with increasing responsibility.* Bachelor's degree (IT/Security/Business) required; Master's preferred.Preferred CertificationsCISA, CISM, CISSP, CRISC, AWS Cloud Practitioner, Azure Fundamentals.Work ScheduleHours per Week: 40Work Schedule: M-FHybrid: 4 days per week onsite at a Citizens corporate office#LI-Citizens1Some job boards have started using jobseeker-reported data to estimate salary ranges for roles. If you apply and qualify for this role, a recruiter will discuss accurate pay guidance.Equal Employment OpportunityCitizens, its parent, subsidiaries, and related companies (Citizens) provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, physical or mental disability, perceived disability or history or record of a disability, ethnicity, gender, gender identity or expression, genetic information, genetic characteristic, marital or domestic partner status, victim of domestic violence, family status/parenthood, medical condition, military or veteran status, national origin, pregnancy/childbirth/lactation, colleague's or a dependent's reproductive health decision making, race, religion, sex, sexual orientation, or any other category protected by federal, state and/or local laws. At Citizens, we are committed to fostering an inclusive culture that enables all colleagues to bring their best selves to work every day and everyone is expected to be treated with respect and professionalism. Employment decisions are based solely on merit, qualifications, performance and capability.Background CheckAny offer of employment is conditioned upon the candidate successfully passing a background check, which may include initial credit, motor vehicle record, public record, prior employment verification, and criminal background checks. Results of the background check are individually reviewed based upon legal requirements imposed by our regulators and with consideration of the nature and gravity of the background history and the job offered. Any offer of employment will include further information.BenefitsWe offer competitive pay, comprehensive medical, dental and vision coverage, retirement benefits, maternity/paternity leave, flexible work arrangements, education reimbursement, wellness programs and more.View BenefitsAwards We've ReceivedAge-Friendly Institute's Certified Age-Friendly EmployerThe Banker'sUS Bank of the YearDave Thomas Foundation's Best Adoption-Friendly WorkplaceDisability:IN Best Places to Work for Disability InclusionHuman Rights Campaign Corporate Equality Index 100 Award