IT RISK ANALYST SKILLS, EXPERIENCES, AND JOB REQUIREMENTS

Published: Nov 20, 2025 - The Information Technology (IT) Risk Analyst supports regulatory and audit readiness by performing SOX ITGC testing, RCSA activities, SOC report evaluations, and evidence gathering for exams and assessments. This role requires applying industry frameworks such as COBIT, ISO, NIST, and FFIEC while managing issues, exceptions, and GLBA-related activities to strengthen governance and control effectiveness. The analyst also enhances risk visibility by analyzing technology controls, understanding banking processes, and communicating findings clearly in both written and verbal form.

Essential Hard and Soft Skills for an IT Risk Analyst Resume
  • Risk Assessment
  • Control Testing
  • Risk Reporting
  • Data Analysis
  • Risk Monitoring
  • Regulation Compliance
  • Vulnerability Management
  • Audit Facilitation
  • Model Simulation
  • Documentation Management
  • Stakeholder Collaboration
  • Risk Communication
  • Problem Solving
  • Trend Awareness
  • Process Support
  • Team Collaboration
  • Expectation Management
  • Risk Education
  • Business Partnership
  • Risk Visibility

Summary of IT Risk Analyst Knowledge and Qualifications on Resume

1. BS in Data Analytics with 6 years of Experience

  • Working experience in IT policy, controls, assessment, GRC, or audit 
  • Knowledge of various compliance regulations such as FFIEC, PCI, GLBA, SOX, etc.
  • Knowledge of enterprise technology infrastructure, application security, database security, and information systems
  • Ability to interpret complex technical concepts, align them to compliance requirements, and articulate the information in guidelines and bulletins
  • Strong organizational skills, ability to balance multiple tasks simultaneously
  • Excellent interpersonal skills, comfortable dealing with a large span of people from middle-tier management to business analysts
  • Capable of working independently, as well as in team / collaborative settings
  • Professional proficiency in spoken English 
  • Knowledgeable about frameworks such as NIST 800, ISO 27000, Financial Services' Regulatory guidelines and best practices
  • Possess general ability to understand technology, controls framework, financial regulations, 3rd party relations, etc.
  • Proficient in the use of Excel functions, pivot tables, graphs, charts, etc.

2. BA in Economics with 7 years of Experience

  • Experience predominantly in application delivery
  • Experienced Business Analyst / Technical Analyst with knowledge of the Credit Risk domain
  • Business knowledge of financial systems including ideally exposure to Lombard / Private and Corporate loans
  • Experience in large-scale IT migration projects with a particular focus on Cloud technologies
  • Knowledge of Big Data technologies on any cloud platforms, Data Lakes (ADLS), Spark (Databricks), Scala / Java, Python
  • Strong experience in data analysis and running complex queries in SQL
  • Prior experience with SCRUM/Agile methodologies with enterprise-level application development projects
  • Strong analytical, problem-solving and synthesizing skills
  • Strong methodological skills, data modelling experience and application of related techniques
  • Curious to understand business needs and processes end-to-end, tenacious to find the best possible solutions
  • Excellent written and verbal communication skills and ability to work as part of a global team
  • Exposure to the BDD test framework and automation tools for end-to-end testing 
  • Flexible and resilient team player with strong interpersonal skills, taking initiative to drive things forward

3. BS in Cybersecurity with 5 years of Experience

  • Experience in Information Security and risk areas
  • Experience with and working knowledge of Risk Management Frameworks and NIST Standards
  • Working experience in Cloud security 
  • Experience in working with tools to handle security tools and performing third-party risk assessment
  • Strong communication and writing skills
  • Sound understanding of ISO 27001, ISO 31000, ISO 22301, ITIL
  • Knowledge of Information Security concepts related to Governance, Risk and Compliance
  • Knowledge of the standards ISO/IEC 27000-series (and others)
  • Good knowledge of Risk management and analysis methods, IT Risk and Cyber
  • Knowledge of GDPR requirements and IT Systems
  • Knowledge of Audit procedures for evidence analysis

4. BS in Information Technology with 3 years of Experience

  • Experience with business analysis methodologies and applicable IT architectures
  • Experienced in stakeholder management
  • Excellent oral and written communication skills in English and Dutch 
  • Experience in agile environment, experience with DevOps, SCRUM and LEAN
  • Good documentation skills, interpersonal skills
  • Structured thinking and analytical skills
  • Basic understanding of basic security concepts
  • Proficiency in Excel including creating and using macros

5. BS in Data Analytics with 6 years of Experience

  • Advanced level experience in Microsoft Office skills, including Word, Excel, Access and PowerPoint
  • Experience developing business controls
  • Demonstrated experience with regulations impacting consumer banking and/or business unit functions
  • Demonstrated strong and sound decision-making abilities regarding compliance risks and recommended corrective action
  • Ability to work well in a time-sensitive environment and handle a variety of matters or projects simultaneously
  • Proficiency in analyzing diverse business functions and processes to identify key risks and demonstrated success with implementing control improvement recommendations
  • Ability to interact with federal regulatory agencies
  • Excellent organizational and analytical skills
  • Ability to communicate clearly and professionally with all levels of an organization
  • Proficiency in multi-tasking and prioritizing projects
  • Excellent time management skills and accustomed to working with deadlines

6. BS in Computer Engineering with 7 years of Experience

  • Experience in or exposure to a Business Continuity / Disaster Recovery / Risk role
  • Good project management skills 
  • Able to apply an IT Risk operating model developed by senior leadership
  • Possess advanced knowledge of network and application vulnerability assessment, IT practices, risk assessment practices, Identity and Access Management, change control, data privacy, and business continuity, among other key processes
  • Broad IT audit experience across various areas of IT, including databases, operating systems, and applications
  • Strong proficiency and skills with database applications, including Oracle, Cloud applications, Microsoft Office and other related technologies
  • Strong ability to give attention to detail, in addition to organization and project management skills
  • Possess sound judgment, business risk awareness, and an inquisitive personality
  • Ability to think critically and critic events and outcomes professionally
  • Strong ability to research and gather information from both business and IT functions
  • Strong analytical and problem-solving skills to resolve issues promptly as they occur
  • Ability to work collaboratively and cooperatively with all employees, irrespective of their status in the organization
  • Strong presentation, verbal and written communication skills

7. BA in Business Administration with 5 years of Experience

  • Must have IT Risk, BC and/or DR industry certification
  • Basic ITIL experience in an enterprise environment across a broad application base
  • Previous experience in BCP, DR and Risk processes 
  • Strong knowledge of the various auditing standards recognized in the industry, including ISACA IS Audit and Assurance Standards and Guidelines
  • Ability to work independently, handle multiple tasks simultaneously, and adapt quickly to changes
  • Experience in risk assessments and in auditing IT processes and control effectiveness
  • Experience in Financial Services 
  • Experience working with remote offshore teams
  • Experience in developing KRIs and KPIs for IT processes
  • Certification in the industry, such as the Certified Information Systems Auditor (CISA) or the Certified in Risk and Information Systems Control (CRISC)

8. BS in Computer Science with 7 years of Experience

  • Working experience in SOX IT control testing or IT auditing 
  • Working experience in participating in Risk and Control Self Assessments (RCSA), Audits, or exams for technology or information security
  • Experience using Workiva Wdesk
  • Demonstrated experience with SOX ITGC testing and compliance
  • Demonstrated experience evaluating SOC 1 and SOC2 reports (CUECs, Exceptions, Sub-servicers)
  • Demonstrated experience with Risk and Control Self Assessments (RCSA)
  • Experience in gathering evidence for regulatory exams, internal audit, and/or due diligence assessments for technology or information security
  • Experience with the execution of GLBA assessments
  • Experience with issue and exception management process
  • Understand Governance, Risk and Control frameworks, and systems for technology and information security
  • Understand Industry standard frameworks for technology, such as COBIT, ISO, NIST, SANS, FFIEC, and others
  • Understanding of banking business processes
  • Strong verbal and written communication skills
Relevant Information
IT Financial Analyst Skills, Experiences, and Job Requirements
IT Support Analyst Skills, Experience, and Job Requirements
IT Technical Analyst Skills, Experience, and Job Requirements
IT Security Analyst Skills, Experiences, and Job Requirements