Citizens Logo

Citizens

ETS Risk Analyst II

Posted 26 Days Ago
In-Office or Remote
Hiring Remotely in United States
Mid level
In-Office or Remote
Hiring Remotely in United States
Mid level
Execute technology and cybersecurity control monitoring and testing, assess control design and operating effectiveness, document audit-ready results, support remediation validation and issue management, analyze trends and KRI data, participate in RCSAs and process mapping, and drive automation and analytics to improve control coverage and risk insight.
The summary above was generated by AI

ETS Risk Analyst II – Monitoring and Testing

Role Overview

The Enterprise Technology & Security (ETS) Risk Analyst II plays a critical role in the identification, assessment, and mitigation of technology and security related risks across the organization. Working within a first-line risk team, this role partners directly with Risk Managers to execute control monitoring and testing that aligns with the bank's risk appetite framework, regulatory expectations, and industry standards including Cybersecurity Risk Institute (CRI) Profile, NIST 800-53, and NIST Cybersecurity Framework. You will independently assess control effectiveness, monitor key risk indicators, and analyze results to identify trends, control gaps, and areas for improvement. This role requires strong professional judgment, high quality documentation, and timely communication to support a resilient control environment and informed risk decisions. This is an excellent opportunity for an early-career risk professional looking to build foundational expertise in technology and security risk within a growing regulated financial institution.

Responsibilities

  • Partner with Risk Managers to execute the control monitoring and testing program across multiple complex technology and cybersecurity processes.

  • Independently perform control design and operating effectiveness testing in accordance with established methodologies and timelines.

  • Assess material controls and determine whether enhanced controls are effective to support issue validation and closure.

  • Document testing results clearly and accurately in the system of record and supporting tools, producing audit ready documentation suitable for QA, Internal Audit, and Regulatory review.

  • Support the analysis of monitoring and testing results to identify themes, trends, root causes, and emerging issues.

  • Escalate control deficiencies, emerging risks, and potential delays in a timely and professional manner.

  • Support issue management activities, including testing to validate remediation and support issue closure 

  • Participate in Risk and Control Self Assessments (RCSAs), including creation and validation of process maps that reflect key processes, risks, and controls 

  • Maintain awareness of emerging risks and evolving technologies (e.g., artificial intelligence, automation, and data driven processes) and assess their impact on control design, effectiveness, and monitoring approaches.

  • Contribute to the continuous monitoring program by leveraging automated testing, key control metrics, and trend analysis to improve risk insight and control coverage.

  • Identify, evaluate, and prioritize opportunities to enhance control testing through automation, data analytics, and improved key control metrics, partnering with stakeholders to support implementation.

  • Build effective working relationships with business and technology stakeholders to stay informed of process changes and emerging risks.

  • Develop understanding of internal policies, infrastructure processes, and evolving industry risk trends.

  • Proactively pursue ongoing professional development, including relevant certifications, industry training, etc. to maintain current knowledge in a rapidly evolving field.

Experience & Skills

Required:

  • 3–5 years of experience in IT, information security, risk management, or internal audit.

  • Foundational understanding of technology risk concepts, control frameworks (NIST 800-53, NIST CSF, CRI Profile, COBIT, or ITIL), and risk management lifecycle.

  • Familiarity with GRC platforms (e.g., Archer) and IT service management tools (e.g., ServiceNow, Jira).

  • Ability to analyze and interpret data from security and operational monitoring tools.

  • Strong written and verbal communication skills, with the ability to translate technical risk findings into clear documentation.

  • Demonstrated ability to manage multiple priorities in a fast-paced environment with attention to detail.

  • Proficiency in Microsoft Office Suite (Excel, Word, PowerPoint).

 

Preferred:

  • Experience in a regulated financial services or banking environment.

  • Familiarity with cloud environments (AWS, Azure) or infrastructure risk concepts.

  • Exposure to audit response, regulatory exam support, or corrective action tracking.

 

Education

  • Bachelor's degree in Information Technology, Cybersecurity, Business, or a related field required.

  • One or more of the following certifications are preferred:
  • CompTIA Security+
  • AWS Cloud Practitioner or Microsoft Azure Fundamentals

  • CISA (Certified Information Systems Auditor)

  • CRISC (Certified in Risk and Information Systems Control)

Hours & Work Schedule

  • Hours per Week: 40
  • Work Schedule: Monday - Friday
  • Hybrid: 4 days per week onsite
About Us

Equal Employment Opportunity

Citizens, its parent, subsidiaries, and related companies (Citizens) provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, physical or mental disability, perceived disability or history or record of a disability, ethnicity, gender, gender identity or expression, genetic information, genetic characteristic, marital or domestic partner status, victim of domestic violence, family status/parenthood, medical condition, military or veteran status, national origin, pregnancy/childbirth/lactation, colleague’s or a dependent’s reproductive health decision making, race, religion, sex, sexual orientation, or any other category protected by federal, state and/or local laws. At Citizens, we are committed to fostering an inclusive culture that enables all colleagues to bring their best selves to work every day and everyone is expected to be treated with respect and professionalism. Employment decisions are based solely on merit, qualifications, performance and capability.

Equal Employment and Opportunity Employer

Job Applicant Data Privacy Policy

Background Check

Any offer of employment is conditioned upon the candidate successfully passing a background check, which may include initial credit, motor vehicle record, public record, prior employment verification, and criminal background checks. Results of the background check are individually reviewed based upon legal requirements imposed by our regulators and with consideration of the nature and gravity of the background history and the job offered. Any offer of employment will include further information.


Citizens Boston, Massachusetts, USA Office

28 State St, Boston, MA, United States, 02109

Citizens Dedham, Massachusetts, USA Office

Dedham, United States

Citizens Westwood, Massachusetts, USA Office

Westwood, United States

Similar Jobs

32 Minutes Ago
Remote or Hybrid
105K-130K Annually
Senior level
105K-130K Annually
Senior level
AdTech • Cloud • Digital Media • Information Technology • News + Entertainment • App development
Lead cross-functional program management for Ad Sales Technology initiatives, overseeing multiple concurrent programs from planning through launch. Create integrated program plans, manage dependencies, risks, and resources, drive readiness and launch activities, and coordinate Product, Engineering, Data, QA, and Ad Sales. Provide executive reporting, KPI dashboards, and governance; facilitate cross-functional alignment and decision-making; and use data and retrospectives to improve delivery predictability and operational effectiveness.
Top Skills: ConfluenceExcelJIRAOutlookPowerPointSmartsheetWord
32 Minutes Ago
Remote or Hybrid
United States
245K-280K Annually
Expert/Leader
245K-280K Annually
Expert/Leader
Enterprise Web • Fintech • Payments • Software • Financial Services
Lead finance and accounting functions including strategic finance, FP&A, accounting/controllership, audit, tax, treasury, fundraising support, and investor relations. Partner with founders, board, and cross-functional leaders on planning, forecasting, pricing, M&A readiness, and scaling the finance team while maintaining strong controls and GAAP compliance.
32 Minutes Ago
Remote or Hybrid
Mississippi, USA
79K-135K Annually
Mid level
79K-135K Annually
Mid level
Aerospace • Hardware • Information Technology • Security • Software • Cybersecurity • Defense
Provide hands-on administration and support for high-performance computing networks: configure and maintain switches, routers, and firewalls; ensure STIG compliance; perform backups and disaster recovery; monitor performance; troubleshoot hardware/software issues; document configurations and maintenance.
Top Skills: AristaBackup And Recovery SoftwareCiscoFirewall SoftwareJuniperStig

What you need to know about the Boston Tech Scene

Boston is a powerhouse for technology innovation thanks to world-class research universities like MIT and Harvard and a robust pipeline of venture capital investment. Host to the first telephone call and one of the first general-purpose computers ever put into use, Boston is now a hub for biotechnology, robotics and artificial intelligence — though it’s also home to several B2B software giants. So it’s no surprise that the city consistently ranks among the greatest startup ecosystems in the world.

Key Facts About Boston Tech

  • Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
  • Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
  • Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
  • Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account