IT Risk and Controls Analyst

The IT Risk and Controls Analyst will provide risk assessment and control assurance support for multiple subdivisions within our technology department.

The analyst executes the enterprise risk management framework in accordance with the divisional implementation plan.

Duties and Responsibilities

1. Plans and performs risk assessments of all levels of complexity using the risk management framework to identify and evaluate risks, exposure, and controls relating to business processes and service/project initiatives.
2. Establishes and maintains relationships with mid-level management within the business.
3. Leads walk-throughs with the business to obtain an understanding of the process. Documents process workflows or narratives, where none exist, and highlights the risks, controls, and potential gaps.
4. Communicates progress of the assessment work and concerns that arise throughout the assessment process to Enterprise Risk Management and business leadership. Keeps management informed by communicating progress, issues, concerns, and opportunities.
5. Prepares and presents risk assessment reports to risk leadership and assists with presenting the reports to business management through research gained from relevant findings, trends, and exposures. Assists risk leadership with compiling an overall view of risk for the division by creating and maintaining risk exposure metrics for the division.
6. Reviews and ensures the accuracy of the analytical findings entered into SENTINEL by others within the division.
7. Provides guidance and motivation as needed to less experienced team members.
8. Works with the Core Enterprise Risk Management Team to stay current with the risk management framework and maintains current knowledge of advances in the field of risk management. Shares knowledge and champions the implementation of risk management best practices with the team.
9. Identifies opportunities to improve the risk management plan. Presents recommendations to manager/department head and implements solutions.
10. Participates in special projects and performs other duties as assigned.


  • Bachelor's degree is required with emphasis in business, finance or accounting preferred, related certification or equivalent combination of training and experience.
  • A minimum of three years of general business experience, with functional operations management, compliance, risk management, or auditing experience preferred.
  • Familiarity with/interest in risk management theory and risk management concepts.
  • Demonstrated facilitation and presentation skills.
  • Working knowledge of the divisional business preferred.
  • Demonstrated ability to execute critical independent thinking in order to make sound judgments.
  • Working knowledge of Excel, Word, PowerPoint, Access and flowcharting VISIO software (or other flowcharting software).
  • The ability to provide objective, independent thought in formal feedback.
  • The ability to complete a 'to be determined' risk management certification.

Special Factors

May require occasional travel.

Vanguard is not offering visa sponsorship for this position.
