IT Risk & Compliance Analyst

Currently we are unable to Sponsor. We Encourage to apply USC & GC****Job Title: IT Risk & Compliance AnalystLocation: New York, NY (Hybrid)Experience: 10+ YearsPosition: (Full Time)Job Summary:We are seeking an IT Risk & Compliance Analyst with a strong background in Third-Party Risk Assessment, Internal Security Controls, and Network Security Cyber Background. This role will focus on identifying, assessing, and mitigating cybersecurity risks across internal systems and external vendors while ensuring compliance with industry standards.Key Responsibilities:Lead third-party/vendor risk assessments (SOC 1/SOC 2, security questionnaires, due diligence)Manage and maintain risk register, risk assessments, and remediation trackingEvaluate and strengthen internal security controls and governance processesSupport audit & compliance efforts (PCI DSS, NIST, ISO 27001)Monitor security threats, vulnerabilities, and incident response activitiesConduct security control gap assessments across infrastructure and applicationsCollaborate with cross-functional teams to drive risk mitigation strategiesSupport disaster recovery and business continuity planning Required Skills:7+ years in IT Risk, Cybersecurity, or IT AuditStrong experience in Third-Party Risk Management (TPRM)Hands-on knowledge of network security, vulnerability management, and threat monitoringExperience with internal controls, risk frameworks, and compliance standards (PCI DSS, NIST, ISO 27001)Exposure to incident response and security operationsCertifications like CISA, CRISC, or CISSP (preferred)Please share your resumes to naresh@rsatechgroup.com