Technology Risk Analyst
About this role
Overview
This role (Analyst Level III/IV) reports into Technology GRC leadership and focuses on Policy Exception Management and Metrics & Monitoring. The GRC Analyst executes defined processes, gathers and validates evidence, and produces recurring metrics and reporting under the guidance of senior team members.
The role works alongside AI agents in a human-in-the-loop model, using AI-assisted workflows to streamline exception intake, evidence collection, and metrics production while reviewing results for accuracy.
Responsibilities
Policy Exception Management- Operate the policy exception intake process, ensuring exceptions are logged, risk-rated, time-bound, and routed for appropriate approval.- Track exception status and maintain alignment to approved policies and standards to support regulatory defensibility.
Metrics & Monitoring- Collect, validate, and produce recurring GRC metrics (KRIs, KCIs, KPIs) and dashboards that provide visibility into risk posture, remediation progress, and compliance health.- Support trend analysis and prepare inputs for governance and committee reporting.
AI-Augmented Delivery- Use AI-assisted workflows (human-in-the-loop) to streamline exception processing, evidence collection, and metrics production, reviewing outputs for accuracy.
Evidence Collection & Compliance Support- Collect and validate control evidence, support audit requests, and help track compliance obligations and remediation tasks across frameworks (SOC 2, PCI DSS, SOX ITGC).- Maintain accurate documentation in the GRC platform to support audit-ready reporting.
Qualifications
- - Bachelor's degree in Information Technology, Cybersecurity, Risk Management, Business, or a related field, or equivalent experience.- Minimum 2+ years in GRC, IT audit, compliance, or a related analytical role.- Working knowledge of policy/exception processes and metrics or reporting production.- Comfort using AI-assisted tools to support data gathering and documentation, with attention to validating output.- Familiarity with NIST CSF 2.0, COBIT 2019, and COSO ERM concepts.- Strong attention to detail, organization, and written communication.- Progress toward relevant certifications a plus (e.g., CRISC, CISA).- Exposure to GRC tooling (e.g., ServiceNow IRM, AuditBoard, Vanta, Drata) and evidence collection.- Foundational knowledge of compliance frameworks (SOC 2, PCI DSS, ISO 27001) and control concepts; CompTIA Security+ or progress toward GRC certifications a plus.- Preferred experience in the Property Management, Multifamily Housing, SaaS, FinTech, or PropTech industries.
Frequently Asked Questions
Is the salary disclosed for the Technology Risk Analyst position at international-realpagepms?
Where is the Technology Risk Analyst position at international-realpagepms located?
Is the Technology Risk Analyst role at international-realpagepms full-time or part-time?
Which team or department does the Technology Risk Analyst at international-realpagepms belong to?
How do I apply for the Technology Risk Analyst position at international-realpagepms?
When was the Technology Risk Analyst job at international-realpagepms posted?
You'll be redirected to international-realpagepms's official application page on icims.