Technology Risk & Operations Analyst

Responsibilities:

Operational Support & Reporting

. Prepare project status reports, management reports, and dashboards for all scope areas (projects, operations, risk, vendor management).

. Deliver ad hoc reports for urgent leadership decisions and audits, ensuring clarity, accuracy, and actionable insights.

. Track operational metrics (e.g., SLAs, incident/defect rates, lifecycle KPIs) and provide insights for decision-making.

. Maintain reporting cadences and data quality standards automate recurring reports where feasible.

. Support process standardization and governance across technology operations, including documentation, templates, and SOPs.

Audit & Risk Management

. Manage internal and external audits and reviews, including GRC updates, RFIs, and audit observations.

. Provide risk oversight and governance for technology domains.

. Lead audit readiness activities: evidence management, engagement coordination, remediation tracking, and closure.

. Monitor risks and track resolution of issues from breaches, incidents, reviews, and inspections ensure timely updates and escalations.

. Maintain knowledge artifacts: playbooks, control catalogs, FAQs, and micro-learning content

Digital Workplace & Vendor Management

. Oversee TPRA, vendor management, BCM, annual KRCSA, and risk reduction initiatives.

. Manage technology asset lifecycle (hardware, software, licenses): refresh planning, obsolescence tracking, and decommissioning.

. Coordinate procurement operations and vendor/contract enablement: intake, sourcing, onboarding, renewals, and compliance.

. Partner with Vendor Management to track performance, SLAs, and contract obligations support third-party risk assessments.

Technology Governance & Vulnerability Management

. Oversee vulnerability management, remediation, and ISRA renewals.

. Liaise with application domains on ORSA submissions, including obsolescence scope, budgeting, and delivery timelines.

. Act as liaison for Tech Obsolescence task force and provide reporting.

. Manage RTB Capex projects: budget tracking/approval, memo approvals, and escalation handling.

Key Deliverables

. Management reports and dashboards for leadership and governance (including ad hoc requests).

. Operational reporting with actionable insights.

. Governance dashboards and risk reduction plans.

. Compliance evidence (audit reports, remediation tracking, certification renewals).

. Security assessment reports and vulnerability test results.

. Lifecycle and obsolescence compliance validation.

. Procurement documentation and vendor performance tracking

Requirements:

Core Skills & Competencies

. Operational Reporting: KPI design, data quality, dashboarding, storytelling with data.

. Risk & Controls: Control design/effectiveness, risk assessments, issue management.

. Audit Readiness: Evidence management, walkthroughs, remediation tracking, stakeholder coordination.

. Process Governance: SOP creation, standardization, continuous improvement.

. Vendor & Asset Management: Lifecycle planning, procurement coordination, third-party risk awareness.

. Stakeholder Management: Cross-functional orchestration, facilitation, conflict resolution.

. Tools: Power BI, Excel (advanced), Jira, SharePoint/Confluence

Education:

. Bachelor's degree in a relevant discipline (CS, IT, Info Systems, Cybersecurity, Engineering)

. Preferred: Enhanced Credentials: Industry-recognized certifications such as CISA, CISM, CISSP, etc)

. At least 8-12 years relevant experience preferably in a Finance Institution.

Essential:

Experience

8-12 years in technology operations, risk/governance, or PMO support roles within banking or large enterprise environments.

1. Operational Reporting & Data Analysis

. 3-5 years experience in preparing management reports, dashboards, and KPIs.

. Strong ability to interpret complex operational data and present it in a clear, concise, and actionable format.

. Experience with ad hoc reporting under tight timelines for senior leadership.

2. Risk & Audit Management

. Hands-on experience in audit readiness, evidence management, and remediation tracking.

. Familiarity with risk frameworks, issue management, and compliance processes.

. Exposure to GRC tools and regulatory requirements in technology or banking environments.

. CISSP or CISA certification preferred

3. Vendor & Procurement Management

. Preferably with experience in vendor lifecycle management, including onboarding, renewals, and performance tracking.

. Knowledge of procurement processes, contract compliance, and third-party risk assessments.

4. Technology Lifecycle & Governance

. Understanding of technology asset lifecycle (hardware, software, licenses), refresh planning, and obsolescence tracking.

. Experience supporting vulnerability management and compliance validation.

5. Tools & Technical Skills

. Proficiency in Power BI, advanced Excel (pivot tables, macros), Jira, and SharePoint/Confluence.

. Ability to automate recurring reports and maintain data quality standards.

6. Stakeholder Management

. Experience working in cross-functional teams and managing multiple priorities.

. Strong communication skills for presenting data to senior leadership.

Key Domain/ Technical Skills
. Proficiency in Power BI, advanced Excel (pivot tables, macros), Jira, and SharePoint/Confluence.

. Ability to automate recurring reports and maintain data quality standards

. CISSP or CISA certification preferred