Technology Risk Analyst
Remote / Online - Candidates ideally in
Ware, Hampshire County, Massachusetts, 01082, USA
Listed on 2026-06-02
Ware, Hampshire County, Massachusetts, 01082, USA
Listing for:
Country Bank for Savings
Full Time, Part Time, Remote/Work from Home
position Listed on 2026-06-02
Job specializations:
-
IT/Tech
IT Business Analyst, Information Security, Cybersecurity, IT Consultant
Job Description & How to Apply Below
- Medical, dental and vision insurance, a 401(k) Plan with a generous employer contribution plus match;
- Income protection benefits;
- Educational assistance and tuition reimbursement benefits;
- Remote work and flexible scheduling options;
- Generous total paid time off, and more!
About the Job:
We're excited to announce an opportunity for the position of Technology Risk Analyst! This position supports the risk management and information security functions to ensure compliance with the Bank's Vendor Management Program, IT Risk Management Program, and Information Technology Risk Assessment process. This position works closely with the IT Security Department and all business areas to ensure that the appropriate level of vendor and application oversight is maintained throughout the Bank.
Within the department, the Technology Risk Analyst collaborates directly with the Operational Risk Analyst and provides support and back-up when opportunities arise.
The hiring range for this position is $60,000 to $75,000. Starting pay determined based on candidate's qualifications and experience.
This position is Full Time, 40 hours weekly.
Essential Duties and Responsibilities (Other Duties May be Assigned):
- Coordinates with business areas/vendor owners and assist with new third-party vendor onboarding reviews and with continued due diligence reviews based on vendor risk rating. Set review dates, tracks review progress, ensure appropriate documentation is maintained and follows up with the vendor/business area as needed. Review and evaluate the adequacy of reports received for critical and essential vendor oversight to ensure exceptions are resolved, impact analyses are performed, and control considerations are addressed by business areas.
Monitors Google alerts for Critical and Essential vendors in the event of an acquisition or data breach. Retrieve quarterly OFAC reports for the Financial Investigation Department. Collaborates with Accounts Payable to onboard new vendors through the new vendors report. Works collaboratively with business areas to analyze new and renewing vendor contract terms and provides recommended changes to be in line with policy. - Oversee the Bank's Information Technology Risk Assessment process in close collaboration with IT Security. Works with System Owners to identify and understand the applications the Bank uses. Reviews application risk assessments and is responsible for identifying, analyzing, monitoring, reporting, and minimizing information technology risks. Facilities AI reviews for applications that leverage AI with IT Security. Provides administrative oversight for application-specific security.
Works closely with System Owners to understand the applications the Bank uses and to keep application security forms up to date. Ensures User Access Reviews, Generic User Reviews, Independent User Access Reviews, Independent Admin Activity Reviews, and Quarterly Password Changes are completed in line with the Network Security Program. When application-specific exemptions arise, works with IT Security to appropriately report and approve exemptions. - Creates, updates, and generates procedures and reports for Vendor management and Applications management to be in line with banks policies.
- Perform policy reviews during the Annual Corporate Policy review process for applicable policies. Communicates results/recommendations/issues for any third-party vendor/application effectively to all levels of management. Generates monthly reports and memos for Risk Management Committee.
- Develops and maintains a "system of truth" that identifies employee access to applications. Assists managers in identifying access levels that need to be removed when roles change or terminate.
- Performs periodic reviews of the GLBA, Authentication & Access to FI Services and Systems, and other risk assessments. Works closely with business areas and IT Security to ensure reviews are completed in alignment with guidance and key controls are monitored appropriately. Assists impacted departments with creating action and remediation plans.
- Manages the onboarding and off-boarding of vendors and applications in Logic Manager. Supports the management of the centralized third-party risk management platform.
- Provides support, education, and training to staff to build vendor and application risk awareness within the company.
- Assist in audit, compliance, and pre-exam requests…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×