Job title : Risk Associate
Location : New York, NY
Type : Full time
Our client is hiring a Senior Associate to join our Technology & Risk Management team, focusing on Risk and Control Self-Assessment (RCSA) validation. This role is ideal for professionals with strong analytical, technical, and project management skills who can ensure accuracy and compliance in technology and cybersecurity risk assessments.
What You’ll Do:
- Validate technology and cybersecurity RCSAs, including IT general controls, infrastructure, applications, and cyber-specific controls.
- Review and challenge control design, test results, and effectiveness assessments.
- Coordinate with technology teams and risk stakeholders to manage validation activities.
- Document findings, escalate material issues, and ensure timely remediation.
- Apply structured project management to track and deliver validation activities.
- Prepare dashboards, reports, and metrics for governance forums and senior leadership.
What We’re Looking For:
- Bachelor’s degree in IT, Cybersecurity, Risk Management, or related field (Master’s preferred).
- Certifications such as CISA, CRISC, CISSP, CISM, CCAK, PMP are highly desirable.
- 5–10+ years in Technology Risk Management, Cybersecurity Risk, IT Audit, or Operational Risk.
- Hands-on experience validating technology and cyber controls within RCSA frameworks.
- Strong knowledge of IT and cybersecurity risks, frameworks (NIST, ISO 27001, COBIT, ITIL), and regulatory expectations.
- Excellent communication, stakeholder engagement, and project management skills.
