<p>Company Details</p> <p>Company URL: https://www.berkleytechnologyservices.com/</p> <p>Berkley Technology Services (BTS) is the technology engine behind W. R. Berkley Corporation, a Fortune 400 insurance powerhouse. Work in a hybrid role with offices in Des Moines, IA | Wilmington, DE | Irving, TX | Manassas, VA. BTS delivers innovative software solutions, secure system connectivity, and world-class IT operations across the enterprise.</p> <p>We offer a collaborative, forward-thinking culture where tech professionals thrive. Our team enjoys a casual dress code, flexible work options, and a competitive benefits package.</p> <p>Responsibilities</p> <p>We're looking for a proactive and strategic Sr. IT & Security Risk Analyst to join our growing IT Governance, Risk, and Compliance (GRC) team. You'll play a key role in maturing our IT risk program, assist with implementing tools and procedures that improve risk assessment/analysis processes, consult on risk mitigation, help drive process and/or control enhancements, and partner with sr. leadership and teams across the organization to help drive continuous improvement.</p> <ul> <li>Lead and assist with efforts to mature the IT risk management program, identify and implement process improvements and explore automation opportunities where valuable. </li><li>Support the implementation and maturation of cyber risk quantification (CRQ) platforms and related processes. </li><li>Ensure organizational awareness, acknowledgement, and help facilitate informed decisions regarding identified risks and issues. </li><li>Conduct IT risk assessments across cloud and on-premise environments (network, infrastructure, applications, systems, and associated IT processes). </li><li>Collaborate with IT, InfoSec, and business teams to assess and communicate risk posture, mitigation recommendations, and facilitate the issue management lifecycle. </li><li>Perform top-down and bottom-up assessments of controls, processes, systems, and technologies </li><li>Help ensure compliance with regulations like NYDFS 500, GDPR, SOX, CCPA, PCI, DORA, and SWIFT. </li><li>Utilize tools and frameworks such as Archer, ServiceNow, CRQ platform, FAIR, NIST, CIS, ISO, and COBIT. </li><li>Partner with cross-functional teams to build scalable, sustainable GRC processes and foster a culture of risk awareness. </li></ul> <p>Qualifications</p> <ul> <li>Bachelor's degree in Computer Science, Information Technology, Engineering, Cybersecurity, or related field. </li><li>3+ years of hands-on experience in IT risk management, cybersecurity, or GRC operations. </li><li>Strong technical background in networking, systems, or application development. </li><li>Experience configuring or supporting GRC platforms and risk automation tools. </li><li>Familiarity with regulatory compliance and risk frameworks (NIST, CIS, ISO, COBIT, UCF). </li><li>Excellent communication, analytical, and organizational skills with the ability to communicate and collaborate with sr. leadership. </li><li>Preferred certifications: CISA, CISSP, CRISC, CGEIT, or similar. </li></ul> <p>Why Join BTS? Work with a Fortune 400 company</p> <ul> <li>Be part of a mission-driven, tech-forwardteam </li><li>Lead program maturity and innovationin IT risk </li><li>Access to career growth, training, and certification support </li></ul> <p>The Company is an equal employment opportunity employer.</p> <p>Sponsorship Details</p> <p>Sponsorship not Offered for this Role Responsibilities We're looking for a proactive and strategic Sr. IT & Security Risk Analyst to join our growing IT Governance, Risk, and Compliance (GRC) team. You'll play a key role in maturing our IT risk program, assist with implementing tools and procedures that improve risk assessment/analysis processes, consult on risk mitigation, help drive process and/or control enhancements, and partner with sr. leadership and teams across the organization to help drive continuous improvement. - Lead and assist with efforts to mature the IT risk management program, identify and implement process improvements and explore automation opportunities where valuable. - Support the implementation and maturation of cyber risk quantification (CRQ) platforms and related processes. - Ensure organizational awareness, acknowledgement, and help facilitate informed decisions regarding identified risks and issues. - Conduct IT risk assessments across cloud and on-premise environments (network, infrastructure, applications, systems, and associated IT processes). - Collaborate with IT, InfoSec, and business teams to assess and communicate risk posture, mitigation recommendations, and facilitate the issue management lifecycle. - Perform top-down and bottom-up assessments of controls, processes, systems, and technologies - Help ensure compliance with regulations like NYDFS 500, GDPR, SOX, CCPA, PCI, DORA, and SWIFT. - Utilize tools and frameworks such as Archer, ServiceNow, CRQ platform, FAIR, NIST, CIS, ISO, and COBIT. - Partner with cross-functional teams to build scalable, sustainable GRC processes and foster a culture of risk awareness.</p>