Sr. IT Risk Assurance Analyst

1 month ago

Jersey City, United States Brown Brothers Harriman Full time

At BBH we value diverse backgrounds, so if your experience looks a little different from what we've outlined and you think you can bring value to the role, we will still welcome your application

What You Can Expect At BBH:

If you join BBH you will find a collaborative environment that enables you to step outside your role to add value wherever you can. You will have direct access to clients, information and experts across all business areas around the world. BBH will provide you with opportunities to grow your expertise, take on new challenges, and reinvent yourself-without leaving the firm. We encourage a culture of inclusion that values each employee's unique perspective. We provide a high-quality benefits program emphasizing good health, financial security, and peace of mind. Ultimately we want you to have rewarding work with the flexibility to enjoy personal and family experiences at every career stage. Our BBH Cares program offers volunteer opportunities to give back to your community and help transform the lives of others.

Join us as a Sr. IT Risk Assurance Analyst

The Senior IT Risk Governance Analyst leads the Cyber Risk Assessment (CRA) and NYDFS programs, while supporting the SOC 2 and Risk and Control Self-Assessment (RCSA) programs for BBH. In this role, you'll advise key stakeholders to ensure the risk assurance process flows smoothly end-to-end within your area of responsibility. Additionally, you'll interpret detailed technical standards and regulations, comparing them to actual practices, including analyzing audit or policy compliance reports.

Key responsibilities include:

Cyber & Technology Risk Assurance Program

  • Lead and execute the annual CRA in accordance with industry best practices.
  • Lead and perform ongoing monitoring and assessments to facilitate the NYDFS regulatory program.
  • Execute and facilitate SOC 2 for technical and non-technical controls.
  • Actively participate in and champion the RCSA program in accordance with the Enterprise Risk Management requirements.
  • Work closely with IT and other control areas to ensure the initial design and enhancement of IT products, processes and best practices are in line with the risk profile of the Firm.
  • Apply risk management processes to identify risk findings, enable control evaluation, recommend solutions, validate remediation plans, facilitate implementation and residual risk acceptance.
  • Support and develop metrics and measurement systems that identify weaknesses in controls and drive remediation.
  • Measure progress of IT control improvements, based on business value and risk mitigation through KPIs and KRIs.
  • Lead and coordinate risk mitigation projects, as needed.
Incident Management and Analysis
  • Track, compile, and review materials for external and internal IT audit/regulatory and compliance incidents.
  • Support investigations and accurately report the details of data privacy and fraud incidents as well as track related remediation activity. Reporting includes the ability to inquire and communicate to varying audiences the discovery, triage, containment, scope, remediation, and long-term prevention of events.
Management Reporting and Communication
  • Effectively communicate with IT and lines of business to ensure that the IT related policies, standards, and procedures are implemented as required by the firm.
  • Deliver and enhance management level reports on the progress and state of Cyber & Technology Risk Governance program and initiatives.
Qualifications:
  • Bachelor's degree or equivalent work experience/specialized training required.
  • 7-10+ years of relevant IT work experience which may include Information Security, cybersecurity, IT enterprise architecture, IT assurance and / or IT governance, risk, and compliance areas.
  • 5+ years experience in the financial services industry.
  • Hands-on experience or working knowledge in multiple technical and security domains: IAM, firewall, network, secure solution design, VPN, encryption, vulnerability & code review, Windows/Unix/Linux server security, SSO, MFA, industry security framework and standards, various protocols (e.g., TCP/IP, UDP, MPLS, SSL/TLS, SSH, HTTPS, FTP, RDP, ICA, BGP, LDAP, etc.).
  • Strong working knowledge of IT related regulatory requirements such as NYDFS Part 500 and industry frameworks including ITIL, FFIEC, COBIT, ISO, and NIST CSF 2.0
  • CISSP, CISM, CISA, CRISC preferred
  • Certification or working knowledge of GRC tools such as Archer.
  • Strong awareness of the current IT security threat landscape.
  • Ability to give presentations at all levels of management.
  • Self-starter with attention to detail that believes in continuous learning and improvement in all areas.
  • Flexibility to adjust quickly to multiple demands, shifting priorities, ambiguity, and rapid change.
  • Must be able to work independently and with minimal direct supervision.
  • Strong ability to communicate technical information to non-technical team members.
  • Excellent collaboration and influencing skills.
  • Strong analytical and writing skills, with the ability to clearly present and articulate ideas.
  • Highly motivated and proactive, with demonstrated initiative, problem-solving abilities, and a drive to propose solutions.


This role can be based in either our Jersey City or Boston locations and will be a hybrid role, with three days in office.

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, age, genetic information, creed, marital status, sexual orientation, gender identity, disability status, protected veteran status, or any other protected status under federal, state or local law.

Salary Range

Jersey City: $110k-$150k base salary + annual bonus target

BBH's compensation program includes base salary, discretionary bonuses, and profit-sharing. The anticipated base salary range(s) shown above are only for the indicated location(s) and may differ in other locations due to cost of living and labor considerations. Base salaries may vary based on factors such as skill, experience and qualification for the role. BBH's total rewards package recognizes your contributions with more than just a paycheck-providing you with benefits that enhance your experience at BBH from long-term savings, healthcare, and income protection to professional development opportunities and time off, our programs support your overall well-being.

  • Sr. Business Analyst

    4 weeks ago

    Jersey City, United States Artmac Soft LLC Full time

    Job DescriptionJob DescriptionWho We Are Artmac Soft is a technology consulting and service-oriented IT company dedicated to providing innovative technology solutions and services to customers.Job Description: Job Title : Sr. Business Analyst Risk Management & GRCJob Type : W2 Experience : 5-30 years Location : Jersey City, New JerseyResponsibilities :6-8...

  • Senior Cyber Risk Assurance Specialist

    2 weeks ago

    Jersey City, New Jersey, United States COMbridge IT Consulting GmbH Full time

    COMbridge IT Consulting GmbH is dedicated to delivering exceptional services to sophisticated clients in the realms of Private Banking, Investment Management, and Investor Services. At COMbridge, we embrace diverse backgrounds and experiences. If your qualifications differ from our expectations but you believe you can contribute meaningfully to the role, we...

  • Lead IT Risk Governance Analyst

    2 weeks ago

    Jersey City, New Jersey, United States COMbridge IT Consulting GmbH Full time

    COMbridge IT Consulting GmbH is dedicated to delivering exceptional services to sophisticated clients, including individuals and institutions, with expertise in Private Banking, Investment Management, and Investor Services. At COMbridge, we embrace diverse backgrounds, so if your experience varies from what we've outlined and you believe you can contribute...

  • IT Risk Management Senior Analyst

    2 weeks ago

    Jersey City, New Jersey, United States COMbridge IT Consulting GmbH Full time

    COMbridge IT Consulting GmbH is dedicated to delivering exceptional services to sophisticated clients, including individuals and institutions, with a focus on Private Banking, Investment Management, and Investor Services. At COMbridge, we appreciate diverse backgrounds, so if your experience differs from our outlined requirements, we still encourage you to...

  • Business Data Analyst

    1 day ago

    Jersey City, New Jersey, United States Codebase Inc Full time

    About the RoleWe are seeking a highly skilled Business Data Analyst to join our team at Codebase Inc. as a Sr Business Data Analyst.This is a full-time opportunity that requires a strong background in business data analysis, risk management, and compliance.Key ResponsibilitiesAnalyze and interpret complex business data to identify trends and insights that...

  • Senior Information Assurance Risk Analyst

    2 weeks ago

    Elizabeth City, North Carolina, United States MILVETS Systems Technology, Inc. Full time

    Senior Security Risk Management Framework (RMF) Audit AnalystMILVETS Systems Technology, Inc. is in search of a dedicated full-time Senior Security Risk Management Framework (RMF) Audit Analyst. Established in 1986, our firm excels in delivering high-quality information and technology services tailored for both commercial and governmental sectors. As a...

  • Sr Risk yst Contractor

    7 days ago

    Alexander City, United States Fedtec Full time

    FedTec Overview: FedTec is a WomanOwned Small Business with headquarters in Reston VA. However FedTec is more than just a company we are a dedicated team of visionary individuals who understand the power of transformation. With our unwavering commitment to innovative technology and forwardfocused methods we empower government agencies to fulfill...

  • Compliance Risk Analyst

    2 weeks ago

    Jersey City, New Jersey, United States MetaOption LLC Full time

    Key Competencies: Risk Assessment, Compliance Oversight, Operational Enhancements: Team Collaboration, Effective Communication SkillsProfessional Background: Mid-senior Level Experience: 5 Years Educational Requirement: Bachelor's Degree Job Function: Information Technology Relocation Analyst, Business Operations, Regulatory Affairs, Technology Management,...

  • IT Risk Analyst

    4 months ago

    Jersey City, United States Saxon Global Full time

    MUST HAVES: -Tableau -3+ years of Risk Analyst experience -Bachelor's Degree -Alteryx or SAS -Create Reports or Dashboards -Strong Query exp. with SQL -Experience joining relational databases and understand the business problems -Good data manipulation experience , and getting data to useable set -Story telling with data, and understanding...

  • Operational Risk Analyst

    3 weeks ago

    Jersey City, New Jersey, United States Sumitomo Mitsui Banking Corp Full time

    Company OverviewSumitomo Mitsui Banking Corp (SMBC) is a leading global financial institution with a rich history spanning over 400 years. Headquartered in Tokyo, SMBC offers a comprehensive suite of financial services, including banking, leasing, securities, credit cards, and consumer finance. With a presence in nearly 40 countries and a workforce of over...

  • IT Risk Assurance Consultant

    2 weeks ago

    Jersey City, New Jersey, United States Resources Global Professionals (RGP) Full time

    Position Overview As an IT Risk Assurance Consultant, you will play a crucial role in delivering comprehensive IT advisory services to our diverse clientele across various sectors. Your expertise will focus on enhancing internal controls, managing risks, and ensuring compliance with industry standards such as Sarbanes-Oxley, FISCAM, FISMA, NIST, and COBIT. ...

  • Risk Manager/TRM Business Analyst

    3 months ago

    Jersey City, United States ZAR IT Solutions Full time

    Job DescriptionJob DescriptionThe Embedded Risk Specialist role (ERM)Location:  Jersey or Tampa- hybridA first line of defense (FLOD) which consists of the businesses and functional units, including Product Management, Operations Management, IT and other areas critical to daily operation and functioning. Partner and liaise with the CLIENT...

  • Global Risk 2025 Analyst

    1 month ago

    Jersey City, United States Bank of America Full time

    Global Risk Development Program (GRMAP) - 2025 What would you like the power to do? At Bank of America, we value being a Great Place to Work®. We recognize that talented, engaged and satisfied employees are the foundation to help make the financial lives of our customers and clients better. Bank of America provides a diverse range of banking and nonbanking...

  • Financial Risk Analyst

    3 weeks ago

    Jersey City, New Jersey, United States Bank of America Full time

    Financial Risk AnalystLocation: Jersey City, New Jersey; Charlotte, North CarolinaPosition Overview:At Bank of America, our mission is to enhance financial well-being through every connection we foster. We are committed to Responsible Growth, which reflects our dedication to our clients, employees, communities, and shareholders alike.We prioritize creating a...

  • Sr. Security Operations Analyst

    1 month ago

    Jersey City, United States Career Developers Full time

    Refer a friend: Referral fee program Career Developers Inc., a distinguished staffing and consulting firm, is proud to celebrate 30 years of service excellence. As a GSA Contract holder, we offer comprehensive staffing solutions for both commercial and government sectors nationwide. By selectively partnering with clients who share our values, we ensure...

  • Sr. Security Operations Analyst

    6 days ago

    Jersey City, United States Career Developers Full time

    Refer a friend: Referral fee program Career Developers Inc., a distinguished staffing and consulting firm, is proud to celebrate 30 years of service excellence. As a GSA Contract holder, we offer comprehensive staffing solutions for both commercial and government sectors nationwide. By selectively partnering with clients who share our values, we ensure...

  • Compliance Risk Analyst

    2 weeks ago

    Jersey City, New Jersey, United States MetaOption LLC Full time

    Position Overview: As a Sanctions Analyst at MetaOption LLC, you will play a crucial role in ensuring adherence to regulatory standards and managing risk effectively.Key Responsibilities: - Conduct thorough risk assessments and evaluations to identify potential compliance issues. - Collaborate with cross-functional teams to enhance compliance processes and...

  • Sr. Murex Analyst

    3 days ago

    New York City, United States SBC Solutions Full time

    No C2CVISA:USCWe are seeking Sr Murex Analyst - financial services to join our NYC, NY (onsite 3 days a week is a must in Hybris) long-term contract.We are looking for a Murex Analyst with a specialized focus on data quality and risk model validation. The ideal candidate will be instrumental in generating and assessing critical financial data within the...

  • Agency Operations Analyst

    4 months ago

    Jersey City, United States MUFG - Mitsubishi UFJ Financial Group, Inc. Full time

    The Agency Operations Analyst has responsibility for managing a portfolio of lending facilities where MUFG acts as Administrative Agent. Major Responsibilities:Comprehensive knowledge of the Syndicated Loan Market, especially as an Administrative Age Operations Analyst, Risk, Operations, Analyst, Control, Total Rewards, Manufacturing

  • Compliance Risk Analyst

    2 weeks ago

    Jersey City, New Jersey, United States MetaOption, LLC Full time

    Job OverviewPosition: Compliance Risk AnalystEssential Skills: Risk Assessment, Regulatory Adherence, Process Optimization, Team Collaboration, Effective CommunicationExperience Level: Mid-SeniorRequired Experience: 5 YearsEducational Background: Bachelor's DegreeJob Function: Information TechnologyRelocation Assistance: Not AvailableLocation: Hybrid Work...