IT Governance and Risk Management Analyst I

The IT Governance & Risk Management Analyst I assist management with development and execution of the Information Technology governance, risk assessment and security awareness programs and projects. 

Duties and Responsibilities:

• Support the continued operation of the IT Governance and Risk Management programs and processes, including the performance of third-party risk assessments in accordance with published policies, processes, and procedures. 
• Maintain awareness of and competency in the NIST Risk Management Framework, NIST Cybersecurity Framework, and evolving methodologies around security awareness and training.
• Document risk assessments including findings and recommendations.
• Maintain information systems assurance materials for efforts relating to the third-party risk management.
• Report on the status IT governance and risk management activities.
• Maintain program alignment to internal/external compliance requirements and identified gaps.
• Support local, regional, and global Information Security Awareness Program engagements and events.
• Support the IT Governance and Risk Management program as directed by management. 

Education and Qualifications:

• Minimum of 1 year of IT work experience.
• Capable of managing assignments and work with general supervision.
• Strong communication skills working within group and within Information Technology.
• Practical fundamental knowledge of IT and rudimentary Information Security principles and techniques, business unit products and services, industry standards, and government regulations preferred.