Citizens Logo

Citizens

ETS Risk Analyst II

Reposted 4 Days Ago
In-Office or Remote
Hiring Remotely in United States
Mid level
In-Office or Remote
Hiring Remotely in United States
Mid level
Execute technology and cybersecurity control monitoring and testing, assess control design and operating effectiveness, document audit-ready results, support remediation validation and issue management, analyze trends and KRI data, participate in RCSAs and process mapping, and drive automation and analytics to improve control coverage and risk insight.
The summary above was generated by AI

ETS Risk Analyst II – Monitoring and Testing

Role Overview

The Enterprise Technology & Security (ETS) Risk Analyst II plays a critical role in the identification, assessment, and mitigation of technology and security related risks across the organization. Working within a first-line risk team, this role partners directly with Risk Managers to execute control monitoring and testing that aligns with the bank's risk appetite framework, regulatory expectations, and industry standards including Cybersecurity Risk Institute (CRI) Profile, NIST 800-53, and NIST Cybersecurity Framework. You will independently assess control effectiveness, monitor key risk indicators, and analyze results to identify trends, control gaps, and areas for improvement. This role requires strong professional judgment, high quality documentation, and timely communication to support a resilient control environment and informed risk decisions. This is an excellent opportunity for an early-career risk professional looking to build foundational expertise in technology and security risk within a growing regulated financial institution.

Responsibilities

  • Partner with Risk Managers to execute the control monitoring and testing program across multiple complex technology and cybersecurity processes.

  • Independently perform control design and operating effectiveness testing in accordance with established methodologies and timelines.

  • Assess material controls and determine whether enhanced controls are effective to support issue validation and closure.

  • Document testing results clearly and accurately in the system of record and supporting tools, producing audit ready documentation suitable for QA, Internal Audit, and Regulatory review.

  • Support the analysis of monitoring and testing results to identify themes, trends, root causes, and emerging issues.

  • Escalate control deficiencies, emerging risks, and potential delays in a timely and professional manner.

  • Support issue management activities, including testing to validate remediation and support issue closure 

  • Participate in Risk and Control Self Assessments (RCSAs), including creation and validation of process maps that reflect key processes, risks, and controls 

  • Maintain awareness of emerging risks and evolving technologies (e.g., artificial intelligence, automation, and data driven processes) and assess their impact on control design, effectiveness, and monitoring approaches.

  • Contribute to the continuous monitoring program by leveraging automated testing, key control metrics, and trend analysis to improve risk insight and control coverage.

  • Identify, evaluate, and prioritize opportunities to enhance control testing through automation, data analytics, and improved key control metrics, partnering with stakeholders to support implementation.

  • Build effective working relationships with business and technology stakeholders to stay informed of process changes and emerging risks.

  • Develop understanding of internal policies, infrastructure processes, and evolving industry risk trends.

  • Proactively pursue ongoing professional development, including relevant certifications, industry training, etc. to maintain current knowledge in a rapidly evolving field.

Experience & Skills

Required:

  • 3–5 years of experience in IT, information security, risk management, or internal audit.

  • Foundational understanding of technology risk concepts, control frameworks (NIST 800-53, NIST CSF, CRI Profile, COBIT, or ITIL), and risk management lifecycle.

  • Familiarity with GRC platforms (e.g., Archer) and IT service management tools (e.g., ServiceNow, Jira).

  • Ability to analyze and interpret data from security and operational monitoring tools.

  • Strong written and verbal communication skills, with the ability to translate technical risk findings into clear documentation.

  • Demonstrated ability to manage multiple priorities in a fast-paced environment with attention to detail.

  • Proficiency in Microsoft Office Suite (Excel, Word, PowerPoint).

 

Preferred:

  • Experience in a regulated financial services or banking environment.

  • Familiarity with cloud environments (AWS, Azure) or infrastructure risk concepts.

  • Exposure to audit response, regulatory exam support, or corrective action tracking.

 

Education

  • Bachelor's degree in Information Technology, Cybersecurity, Business, or a related field required.

  • One or more of the following certifications are preferred:
  • CompTIA Security+
  • AWS Cloud Practitioner or Microsoft Azure Fundamentals

  • CISA (Certified Information Systems Auditor)

  • CRISC (Certified in Risk and Information Systems Control)

Hours & Work Schedule

  • Hours per Week: 40
  • Work Schedule: Monday - Friday
  • Hybrid: 4 days per week onsite
About Us

Equal Employment Opportunity

Citizens, its parent, subsidiaries, and related companies (Citizens) provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, physical or mental disability, perceived disability or history or record of a disability, ethnicity, gender, gender identity or expression, genetic information, genetic characteristic, marital or domestic partner status, victim of domestic violence, family status/parenthood, medical condition, military or veteran status, national origin, pregnancy/childbirth/lactation, colleague’s or a dependent’s reproductive health decision making, race, religion, sex, sexual orientation, or any other category protected by federal, state and/or local laws. At Citizens, we are committed to fostering an inclusive culture that enables all colleagues to bring their best selves to work every day and everyone is expected to be treated with respect and professionalism. Employment decisions are based solely on merit, qualifications, performance and capability.

Equal Employment and Opportunity Employer

Job Applicant Data Privacy Policy

Background Check

Any offer of employment is conditioned upon the candidate successfully passing a background check, which may include initial credit, motor vehicle record, public record, prior employment verification, and criminal background checks. Results of the background check are individually reviewed based upon legal requirements imposed by our regulators and with consideration of the nature and gravity of the background history and the job offered. Any offer of employment will include further information.


Similar Jobs

4 Hours Ago
Remote or Hybrid
Junior
Junior
Consumer Web • eCommerce • Information Technology • Retail • Software • Analytics • App development
Coordinate end-to-end installation projects: track progress, schedule service providers, arrange deliveries, ensure compliance, document all interactions in systems (Installation Management System, myRedVest, Salesforce), resolve work order issues, and provide inbound/outbound customer support to deliver consistent service.
Top Skills: Installation Management SystemMyredvestSalesforce
4 Hours Ago
Remote or Hybrid
Junior
Junior
Consumer Web • eCommerce • Information Technology • Retail • Software • Analytics • App development
The Services Project Coordinator facilitates customer installation jobs, manages communications with all stakeholders, and ensures projects meet timelines and compliance requirements while providing excellent customer service.
Top Skills: Installation Management SystemMyredvestSalesforce
4 Hours Ago
Remote or Hybrid
Junior
Junior
Consumer Web • eCommerce • Information Technology • Retail • Software • Analytics • App development
The Services Project Coordinator manages installation jobs, coordinating with customers and service providers to ensure timely project execution and issue resolution.
Top Skills: Installation Management SystemSalesforce

What you need to know about the Seattle Tech Scene

Home to tech titans like Microsoft and Amazon, Seattle punches far above its weight in innovation. But its surrounding mountains, sprinkled with world-famous hiking trails and climbing routes, make the city a destination for outdoorsy types as well. Established as a logging town before shifting to shipbuilding and logistics, the Emerald City is now known for its contributions to aerospace, software, biotech and cloud computing. And its status as a thriving tech ecosystem is attracting out-of-town companies looking to establish new tech and engineering hubs.

Key Facts About Seattle Tech

  • Number of Tech Workers: 287,000; 13% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Amazon, Microsoft, Meta, Google
  • Key Industries: Artificial intelligence, cloud computing, software, biotechnology, game development
  • Funding Landscape: $3.1 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Madrona, Fuse, Tola, Maveron
  • Research Centers and Universities: University of Washington, Seattle University, Seattle Pacific University, Allen Institute for Brain Science, Bill & Melinda Gates Foundation, Seattle Children’s Research Institute

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account