IT Risk Operations - Sr Analyst

About the Job:

As an IT Risk Operations Senior Analyst, you lead the identification, assessment, and optimization of information security risks and controls. You lead enterprise cyber maturity and IT risk assessments, serving as a trusted advisor on complex and ambiguous risk matters. As a subject matter expert for the IT Risk team, you track and manage all discovered risks and follow up on treatment plans.

You have excellent presentation and communication skills and are skilled at Service Now as a GRC tool. You are committed to excellence, accuracy, and discretion in all aspects of your work.

• Execute complex GRC initiatives and assessments to ensure compliance with internal policies and external regulations
• Conduct ad-hoc IT risk and compliance assessments across technical and non-technical domains and define effective risk mitigation strategies
• Conduct an annual comprehensive IT Risk Assessment in compliance with applicable regulatory requirements using a combination of interviewing and data analysis
• Deliver to and advise senior management on risk assessment results and associated responses
• Partner with stakeholders to resolve GRC issues and strengthen governance and risk management practices
• Provide guidance and mentorship to junior team members to support their professional development

• Bachelor’s degree in MIS, Business, or a related field, or equivalent relevant experience
• 6–8 years of experience in information systems or systems audit with strong knowledge of technologies and processes
• Impeccable oral presentation skills, with the ability to effectively engage, influence, and build trusted relationships with senior leadership
• Demonstrated experience designing and implementing monitoring strategies for IT general controls
• A self-starter mentality with strong ambition, intellectual curiosity, and the ability to proactively tackle new challenges with minimal supervision
• Strong analytical and problem-solving skills, with the ability to navigate complex and ambiguous situations
• Experience with Service Now IRM (Information Risk Management Module)
• Excellent relationship management, influence, and communication skills, with sound judgment and diplomacy

• Adaptive Communication:
  Formulates strategies to convey complex information to targeted audiences; communicates and liaises between technical and non-technical audiences
• Cross Functional Partnering & Planning:
  Facilitates collaboration, communication, coordination, and planning with individuals and teams from different functions to achieve common goals
• Negotiation & Managing Objection:
  Compromises in a cooperative effort to reach mutually satisfactory conclusions and results; navigates challenging conversations
• Process Improvement:
  Assesses current processes and impact to analyze, design, and manage potential improvement areas for more efficient, effective workflow
• Risk Assessment & Identification:
  Leverages industry knowledge to determine and seek hazards that could prevent the program, enterprise, or investment from achieving objectives; designs systematic processes for identifying severity and evaluating impacts
• Risk Consulting:
  Identifies, understands, and facilitates discussions and provides recommendations to manage risk in collaboration with business and process owners

Pay Range
- Start: $98,320.00

Pay Range
- End: $

Northwestern Mutual is an equal opportunity employer that welcomes talented individuals of all backgrounds. We are committed to creating and maintaining an environment in which each employee can contribute creative ideas, seek challenges, assume leadership and continue to focus on meeting and exceeding business and personal objectives.