Position: IT Risk Controls Associate Analyst

Location: Charlotte, NC
Pay: $55-60/hr
Duration: Through 08/21/2026 (high possibility for extension) 

Overview

The IT Risk Controls Associate Analyst is a subject-area specialist with specialized training, methods, and analytic techniques to create recommendations and direction for cyber risk mitigation in a complex technical environment.

Key focus areas include third-party security and overall security program effectiveness in mitigating risk. The goal of the ITRC Associate is to create actionable information for IT and business leadership, while providing objective assessments of cybersecurity risks for auditors, regulators, and external parties.

This role requires routinely authoring detailed reports and gathering metrics to ensure stakeholders receive accurate and complete information. The analyst stays current on external cybersecurity trends, technologies, and cyber risk management approaches, and collaborates with cross-functional teams on cyber risk initiatives to provide subject-matter recommendations aligned with the bank’s overall risk appetite.

This position involves developing professional expertise and continuing to acquire higher levels of knowledge and skill within the discipline. The role works on problems of limited to moderate scope, where analysis of situations or data is required.

Key Responsibilities

• Define analysis objectives, collect data from internal and external sources, and evaluate/analyze data to provide objective insights on cyber risks for IT and business management (both summary and detailed reporting)
• Assess risk within subject specialty areas to evaluate the design and effectiveness of security controls
• Provide insight and guidance on IT software and hardware upgrades and other projects to ensure production environments meet and exceed minimum security standards and effectively counter cyber threats
• Create and maintain process and procedural documentation for risk analysis and risk assessment activities
• Highlight and apply industry-based methodologies, techniques, or standards (e.g., FAIR, NIST, FFIEC) as the basis for analysis efforts
• Participate in additional security support projects and duties as needed

Required & Preferred Qualifications

Core Qualifications

• Demonstrated experience analyzing complex cybersecurity data sets within a subject area specialty
• Demonstrated knowledge of the cybersecurity landscape, including threats, trends, and technologies
• Demonstrated knowledge of financial regulation and control frameworks applicable to cybersecurity or IT risk
• Demonstrated knowledge of control frameworks applicable to cybersecurity or IT risk
• Excellent communication and interpersonal skills, with a strong ability to build positive and professional relationships with internal stakeholders
• Strong commitment to teamwork and providing excellent customer service

Preferred Qualifications

• Exposure to banking or a highly controlled technology environment
• Experience in the banking/financial industry
• Security certifications such as CISSP, GSEC, or similar
• Experience with industry or subject-specific frameworks (e.g., FAIR, NIST CSF)
• Formalized training in cybersecurity analysis or assessment techniques

Information collected and processed through your application with INSPYR Solutions (including any job applications you choose to submit) is subject to INSPYR Solutions’ Privacy Policy and INSPYR Solutions’ AI and Automated Employment Decision Tool Policy: https://www.inspyrsolutions.com/policies/. By submitting an application, you are consenting to being contacted by INSPYR Solutions through phone, email, or text.

26-156447