IT Risk Analyst

Location: West Pittsburgh, PA

Job Type: Full Time / Permanent

The Information Technology (IT) Risk Analyst supports the risk identification and management process across all aspects of Information Technology. Responsibilities include assessing the current adequacy of the security strategy, business continuity /disaster recovery plans, threats to the systems, and then calculating the impact of potential adverse events. Audits and assessments must be continual, as the threat profiles change constantly.


  • Analyze data to better understand potential risks, concerns and outcomes of decisions
  • Assist with conducting IT Self Risk Assessments
  • Conduct IT Vendor Risk Assessments
  • Assist with the completion of Security Questionnaire/Assessments for customers
  • Participate in Customer on-site security assessments
  • Assist with the SSAE-18 SOC 2 audits by collecting and analyzing evidence before submission to external audits
  • Update existing IT Policies as needed
  • Track and monitor any findings from external audits through to remediation
  • Create reports, summaries, presentations and process documents to display results
  • Collaborate with other team members to effectively analyze and present data
  • Develop systems and processes for gathering and storing data for future analytic projects
  • Monitor internal and external data points that may affect the risk level of a decision

Education & Experience:

  • One to five years of experience as an analyst in a similar company or related field
  • Demonstrated ability to prioritize tasks and meet daily deadlines for projects
  • Strong written and verbal communication skills to inform managers and other stakeholders of results
  • Proficiency in Microsoft Excel, Access, Visio and other analysis programs
  • Ability to manage multiple projects and programs at the same time to complete work
  • Critical thinking skills with the ability to independently solve problems with data
  • Quantitative and analytical skills with a demonstrated ability to understand new analytical concepts
  • Basic knowledge of programming languages, such as SQL
  • Presentation skills, including public speaking and presentation creation using PowerPoint or a similar program
  • Excellent written and verbal communication skills
  • Ability to read, analyze and interpret common technical reports, and documentation
  • Present information to executive and senior management teams, sales department, internal groups and/or clients