Sr. IT and Security Risk Analyst

Company Details

Company URL: https://www.berkleytechnologyservices.com/

Berkley Technology Services (BTS) is the technology engine behind W. R. Berkley Corporation, a Fortune 400 insurance powerhouse. Work in a hybrid role with offices in Des Moines, IA| Wilmington, DE | Irving, TX | Manassas, VA. BTS delivers innovative software solutions, secure system connectivity, and world-class IT operations across the enterprise.

We offer a collaborative, forward-thinking culture where tech professionals thrive. Our team enjoys a casual dress code, flexible work options, and a competitive benefits package.

Responsibilities

We’re looking for a proactive and strategicSr. IT & Security Risk Analystto join our growingIT Governance, Risk, and Compliance (GRC)team. You’ll play a key role inmaturing our IT risk program, assist with implementing tools and procedures that improve risk assessment/analysis processes, consult on risk mitigation, help drive process and/or control enhancements, and partner with sr. leadership and teams across the organization to help drive continuous improvement.

• Lead and assist with efforts tomature the IT risk management program, identify and implement process improvements and explore automation opportunities where valuable.
• Support the implementation and maturation ofcyber risk quantification (CRQ)platforms and related processes.
• Ensure organizational awareness, acknowledgement, and help facilitate informed decisions regarding identified risks and issues.
• ConductIT risk assessmentsacross cloud and on-premise environments (network, infrastructure, applications, systems, and associated IT processes).
• Collaborate with IT, InfoSec, and business teams to assess and communicate risk posture, mitigation recommendations, and facilitate the issue management lifecycle.
• Perform top-down and bottom-up assessments of controls, processes, systems, and technologies
• Help ensure compliance with regulations likeNYDFS 500,GDPR,SOX,CCPA, PCI, DORA, andSWIFT.
• Utilize tools and frameworks such asArcher,ServiceNow,CRQ platform, FAIR,NIST, CIS,ISO, andCOBIT.
• Partner with cross-functional teams tobuild scalable, sustainable GRC processesand foster a culture of risk awareness.

Qualifications

• Bachelor’s degree in Computer Science, Information Technology, Engineering, Cybersecurity, or related field.
• 3+ years of hands-on experience inIT risk management,cybersecurity, orGRC operations.
• Strong technical background innetworking,systems, orapplication development.
• Experience configuring or supportingGRC platformsandrisk automation tools.
• Familiarity withregulatory complianceandrisk frameworks(NIST, CIS, ISO, COBIT, UCF).
• Excellent communication, analytical, and organizational skills with the ability to communicate and collaborate with sr. leadership.
• Preferred certifications:CISA,CISSP,CRISC,CGEIT, or similar.

Why Join BTS?Work with aFortune 400company

• Be part of amission-driven, tech-forwardteam
• Leadprogram maturity and innovationin IT risk
• Access tocareer growth,training, andcertification support

The Company is an equal employment opportunity employer.

Sponsorship Details

Sponsorship not Offered for this RoleWe’re looking for a proactive and strategicSr. IT & Security Risk Analystto join our growingIT Governance, Risk, and Compliance (GRC)team. You’ll play a key role inmaturing our IT risk program, assist with implementing tools and procedures that improve risk assessment/analysis processes, consult on risk mitigation, help drive process and/or control enhancements, and partner with sr. leadership and teams across the organization to help drive continuous improvement. - Lead and assist with efforts tomature the IT risk management program, identify and implement process improvements and explore automation opportunities where valuable. - Support the implementation and maturation ofcyber risk quantification (CRQ)platforms and related processes. - Ensure organizational awareness, acknowledgement, and help facilitate informed decisions regarding identified risks and issues. - ConductIT risk assessmentsacross cloud and on-premise environments (network, infrastructure, applications, systems, and associated IT processes). - Collaborate with IT, InfoSec, and business teams to assess and communicate risk posture, mitigation recommendations, and facilitate the issue management lifecycle. - Perform top-down and bottom-up assessments of controls, processes, systems, and technologies - Help ensure compliance with regulations likeNYDFS 500,GDPR,SOX,CCPA, PCI, DORA, andSWIFT. - Utilize tools and frameworks such asArcher,ServiceNow,CRQ platform, FAIR,NIST, CIS,ISO, andCOBIT. - Partner with cross-functional teams tobuild scalable, sustainable GRC processesand foster a culture of risk awareness.Mid-Senior Level