×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security IT Business Analyst IT Consultant

Senior Risk Analyst - IT & Cyber Risk Assurance

Job in Friday Harbor, San Juan County, Washington, 98250, USA
Listing for: Popular Bank
Full Time position
Listed on 2026-02-28
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Business Analyst, IT Consultant
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below
Location: Friday Harbor

Position Title: Senior Risk Analyst - IT & Cyber Risk Assurance

Date: Feb 12, 2026

Location: San Juan, PR

Company: Popular Bank

General Description

The Senior Risk Analyst will play a key role in advancing the second‑line IT and Cyber Risk Monitoring and Assurance Program. This position provides independent oversight and effective challenge across technology and cybersecurity risk domains, partnering with first line and control functions to strengthen risk governance, and supports senior management and committees through actionable risk insights, reporting, and regulatory readiness.

Essential Duties and Responsibilities

IT & Cyber Risk Framework & Governance:

  • Lead the ongoing enhancement and governance of the IT & Cyber Risk and Control Matrix, ensuring alignment with regulatory requirements and industry frameworks such as NIST, COBIT, FFIEC, CCM, PCI, and others.
  • Serve as a trusted second‑line advisor to IT and Cybersecurity leadership to ensure risk management practices are implemented consistently across the organization.
  • Prepare, generate, and provide materials (e.g., risk scorecards, dashboards, and metrics) required for various Risk Committees, Senior Management Team and Executives by the required due dates.
  • Independently monitor remediation commitments and provide credible challenge on timeliness, sustainability of remediation, and residual risk calculation and escalates concerns when risks remain outside of the organization’s risk appetite.

Risk Oversight & Advisory:

  • Perform second‑line review and challenge of policies, standards, risk acceptances, risk escalations, and control implementations to ensure alignment with control expectations and the IT & Cyber Risk and Control Matrix.
  • Lead the execution of the IT and Cyber Risk and Control Self‑Assessments (RCSAs), including scoping, control evaluation, issue identification, action‑plan development, and residual risk assessments.
  • Translate control weaknesses into clear risk statements, validate root cause, and recommend solutions aligned with the organization’s risk appetite.
  • Support regulatory exams and audits by coordinating activities, reviewing evidence packages, ensuring consistent narratives, and tracking commitments and responses through closure.
  • Develop and deliver targeted training for business and technology stakeholders (e.g., RCSA processes, risk acceptance standards, key controls, evidence expectations, etc.).

Key Risk Indicators (KRIs):

  • Design, enhance, and govern KRIs, including metric definitions, thresholds, data lineage, data quality controls, and exception handling.
  • Perform trends analysis to identify potential issues and perform root cause analysis to provide recommendations to Management on how to better manage their IT & Cyber risk posture.
Education

Bachelor’s degree in Business Administration, Information Technology, Computer Engineering, Computer Science, Cybersecurity or related field.

Experience
  • At least 5 years of working experience in IT controls testing, IT Risk, IT Audit and/or Cybersecurity positions; or in a consulting IT/Cyber role with a broad view of Information Technology or Information Security controls.
  • Demonstrated experience applying IT and cybersecurity frameworks and regulatory expectations (e.g., NIST, COBIT, FFIEC, CRI, CCM, etc.) including Policy and Standards review and control design assessments.
  • Experience with risk governance processes such as RCSAs, Issue Management, Risk Acceptances, and committee/board level reporting.
  • IT or Cyber certifications preferred (e.g. CISA, CISM, CISSP, CGEIT, CRISC)
Other Qualifications
  • Strong analytical skills with ability to synthesize complex technical topics into clear risk narratives for executives.
  • Advanced Excel skills preferred; experience with reporting/dashboard tools is a plus.
  • Excellent written and verbal communication in English and Spanish, including executive‑level communication.
  • Strong judgement, critical thinking, and ability to operate independently with minimal direction.
  • Excellent organizational skills are required to establish priorities, multitask, work under pressure, and meet deadlines.
  • Excellent interpersonal skills and teamwork.
  • Proficient in Microsoft Office:
    Wor…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search