Navy Federal Credit Union

Senior Technical Risk Analyst

Navy Federal Credit Union$100K — $130K *
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in IT, Computer Science, Risk Management, or equivalent experience
  • 8+ years in IT audit, risk management, or cybersecurity
  • Strong knowledge of IT General Controls and audit methodologies
  • Experience in technical risk management and compliance frameworks
  • Hands-on experience with risk assessments and mitigation strategies
  • Excellent analytical, problem-solving, and communication skills

Responsibilities

  • Lead identification of technical risks in IT infrastructure and applications
  • Perform detailed risk assessments of IT projects and vendors
  • Analyze emerging technologies for associated risks
  • Develop and implement risk management frameworks and policies
  • Prioritize risks based on business impact and implement mitigation strategies
  • Collaborate with IT and business teams to embed risk management processes
  • Prepare and present reports on the status of technical risks to senior management

Benefits

  • Health, dental, and vision insurance
  • Retirement savings plans with employer matching
  • Paid time off and holiday pay
  • Tuition assistance and professional development programs
  • Flexible spending accounts for healthcare and dependent care
  • Employee assistance programs and wellness initiatives
Full Job Description
Job Description

Navy Federal Credit Union currently does not provide sponsorship for this role. Applicants must be authorized to work in the United States without the need for current or future sponsorship.

Responsible for assessing and managing technical risks across the organization's IT and operational environments. Works closely with cross-functional teams to identify and analyze emerging technology risks, implement risk management strategies, and maintain compliance with industry standards and regulations. Plays a key role in developing frameworks for risk identification, reporting, mitigation, and control. Responsible for understanding the technological landscape, implementing risk management frameworks, and ensuring that the organization adheres to industry standards and regulatory requirements. Work under minimal supervision and use complete understanding of business needs and objectives to support projects that have impact on the achievement of operational goals. Advanced skill set and proficiency with procedures and techniques.

Responsibilities

  • Lead efforts to identify technical risks related to IT infrastructure, applications, systems, and data
  • Perform detailed risk assessments of IT projects, vendors, and systems to identify vulnerabilities and potential threats
  • Analyze new technologies and business processes to determine associated risks
  • Stay informed about emerging cybersecurity threats and vulnerabilities that could affect the organization
  • Develop and implement risk management frameworks, policies, and procedures
  • Prioritize risks based on business impact, and work with stakeholders to design and implement mitigation strategies
  • Work with IT and business teams to embed risk management into technology projects, operational processes, and product development
  • Manage the remediation of technical vulnerabilities and track risk reduction efforts
  • Ensure that risk management processes align with internal policies, regulatory requirements, and industry standards (e.g., ISO 27001, NIST, GDPR, SOX, etc.)
  • Lead internal and external audits by providing risk assessments, compliance reports, and documentation
  • Partner with compliance and legal teams to monitor adherence to regulatory changes impacting technology risks
  • Lead or assist in investigating technical incidents and breaches, conducting root cause analyses, and recommending corrective actions
  • Collaborate with security and IT teams to develop response strategies for cybersecurity incidents
  • Prepare and present post-incident reports and lessons learned to management
  • Prepare and present regular reports to senior management and stakeholders on the status of technical risks, trends, and mitigation efforts
  • Maintain accurate and comprehensive documentation of all risk assessments, controls, and mitigation strategies
  • Assist in the creation of technical risk dashboards for ongoing monitoring
  • Act as a subject matter expert on technical risk and provide guidance to other teams across the organization
  • Facilitate workshops and training sessions to enhance risk awareness and promote best practices
  • Collaborate with internal teams such as IT, cybersecurity, compliance, legal, and audit to ensure a cohesive approach to risk management
  • Continuously evaluate and enhance risk management frameworks and tools
  • Monitor the evolving threat landscape and emerging technologies to update risk strategies and frameworks accordingly
  • Promote a culture of risk awareness and proactive risk management throughout the organization


Qualifications

  • Bachelor's degree in Information Technology, Computer Science, Risk Management, or a related field or equivalent combination of training, education and experience
  • 8+ years of experience in IT audit, internal/external audit, risk management, or security controls testing
  • Strong experience with IT General Controls (ITGCs), control frameworks, and audit methodologies (SOX or internal audit)
  • Complete knowledge and understanding of business area/specialization
  • Experience in technical risk management, cybersecurity, or IT governance
  • Hands-on experience with risk assessments, risk frameworks, and mitigation strategies
  • Proven experience in managing and mitigating cybersecurity risks
  • Advanced knowledge of risk management principles, frameworks (e.g., ISO, NIST, COSO), and regulatory compliance requirements
  • Advanced understanding of IT systems, network architecture, cloud technologies, and cybersecurity
  • Excellent analytical, problem-solving, and decision-making skills
  • Strong interpersonal and communication skills, with the ability to convey complex risk concepts to non-technical stakeholders
  • Experience in working with incident management, disaster recovery, and business continuity planning
  • Ability to work in a fast-paced environment with tight deadline


Desired Qualifications
  • Master's Degree in related field or equivalent combination of training, education and experience
  • Professional certifications such as CISA, CISSP, CRISC, CPA, or similar
  • Experience with GRC tools such as ServiceNow or LogicManager
  • Knowledge of Enterprise Risk Management (ERM) frameworks and risk taxonomy
  • Experience leading cross-functional projects and mentoring team members
  • Experience supporting regulatory exams or acting as a primary liaison for auditors
  • Experience improving audit efficiency and standardizing testing approaches

Additional Information

Hours:
  • Monday - Friday, 8:00AM - 4:30PM


Location:
  • 820 Follin Lane, Vienna, VA 22180
  • 5510 Heritage Oaks Drive, Pensacola, FL 32526
  • 141 Security Drive, Winchester, VA 22602

About Navy Federal Credit Union

Navy Federal Credit Union is a credit union that serves members of the military and their families. The credit union offers a range of financial products and services, including checking and savings accounts, loans, and credit cards. Navy Federal Credit Union was founded in 1933 and is headquartered in Vienna, Virginia. The credit union has more than 9 million members and operates more than 300 branches across the United States and around the world.
Learn more about Navy Federal Credit Union
Size
18,000 employees
Industry
Founded
1933

Similar Jobs

More Jobs at Navy Federal Credit Union

More Information Technology Jobs

Find similar Senior Technical Risk Analyst jobs: