Compliance & Operational Risk Testing Analyst IT Audit & Cybersecurity

Compliance & Operational Risk Testing Analyst IT Audit & Cybersecurity

We are seeking a Compliance & Operational Risk Testing Analyst to support independent testing and control validation activities within a highly regulated enterprise environment. This role sits within the second line of defense and focuses on assessing compliance with cybersecurity, IT risk, operational risk, and regulatory requirements.

The ideal candidate brings a combination of IT audit, cybersecurity, compliance testing, and risk management experience within large enterprise or financial services organizations.

• Execute independent compliance and operational risk testing activities under established testing methodologies
• Develop and document testing procedures for complex policies, controls, regulations, and operational processes
• Perform test of design and test of operating effectiveness for IT and cybersecurity controls
• Review compliance with enterprise policies, regulatory requirements, and security standards
• Prepare detailed work papers, supporting evidence, and formal testing documentation
• Identify control weaknesses, process gaps, and operational risks
• Develop root cause analysis and recommend corrective actions
• Partner with internal audit, cybersecurity, compliance, and business stakeholders
• Present findings, testing results, and remediation recommendations to leadership
• Maintain organized audit and testing documentation for regulatory and governance purposes

• 4+ years of experience in: IT Audit, Operational Risk, Compliance Testing, Cybersecurity Risk, Internal or External Audit
• Experience interpreting and applying:
  Federal regulations, State regulations, IT compliance standards, Cybersecurity requirements
• Experience performing:
  Control testing, Risk assessments, Operational effectiveness reviews, Compliance validation
• Advanced knowledge of testing methodologies and control frameworks
• Strong documentation, analytical, and communication skills
• Advanced Microsoft Office skills including Excel, Word, and Power Point
• Bachelor s degree or equivalent experience

• 6+ years of IT Audit or Cybersecurity experience within large financial institutions
• Certifications preferred: CISA, CISSP, CISM, CRISC, CIA, CDPSE
• Experience supporting second line of defense functions
• Knowledge of enterprise cybersecurity governance and risk frameworks
• Familiarity with regulatory and audit environments in banking, insurance, or financial services

• Strong risk and controls mindset
• Comfortable working independently in highly regulated environments
• Able to communicate effectively with technical and executive stakeholders
• Detail-oriented with strong investigative and documentation skills
• Experienced balancing multiple testing engagements simultaneously