
IT Risk & Governance Specialist

Dollar Bank, FSB
United States, Pennsylvania, Pittsburgh
Mar 11, 2026
Do you enjoy helping organizations understand and manage IT risk? If so, this may be the position for you. This role will support the Bank's IT risk management and governance efforts by performing and monitoring control testing, documenting results, assisting with remediation of identified issues, and supporting compliance initiatives. The incumbent will collaborate with IT teams, business representatives and audit to help ensure systems and processes align with internal policies, regulatory expectations, and industry standards. This is a hybrid position that requires in-office hours.

Education and Experience Requirements:

Bachelor's degree in computer science, management information systems, or related area. Will consider commensurate experience.

Minimum of five (5) years of IT systems auditing or IT Risk management.

Experience in working with reviews of internal controls, functions, audits, and processes (e.g., regulatory examinations, external audits (SOX), and reporting).

Preferred

IT System Management

Preferred: Experience with the FFIEC IT Handbook

Preferred Certificate, Licenses and Registration:

SCCM, GIAC, CISSP, CISA, or CRISC

Knowledge, Skill, and Ability Requirements:

Practical knowledge of the following regulations, frameworks, guidelines, and best practices: Sarbanes-Oxley 302/404 (application controls is a plus), ITIL, COBIT, CIS, and NIST relevant to IT Systems Validation.

Thorough and demonstrable understanding of risk management practices.

Demonstrated ability to communicate complex technical and risk concepts clearly and professionally to a wide range of stakeholders, including executive leadership, technical teams, auditors, and non-technical business partners.

Strong presentation skills with the ability to confidently deliver information, recommendations, and risk insights to both small and large audiences.

Excellent written communication skills, including the ability to develop clear and well-structured reports, risk assessments, governance documentation, and risk mitigation plans.

Proven ability to translate technical findings into actionable business recommendations and strategic risk management guidance.

Ability to interact professionally with internal and external stakeholders while representing IT Risk and Governance in meetings, committees, and formal presentations.

Flexible work style to effectively partner with multiple teams and work on an array of projects.

Demonstrated ability to effectively manage time and prioritize competing initiatives to meet project deliverables, quality standards and established deadlines.

Self-motivated with the ability to work independently, take initiative, and drive projects forward while proactively navigating obstacles and challenges.

Essential Functions:

Serve as the primary point of contact for IT Risk and Governance.

Work with IT, Information Security Governance, and business personnel to conduct ad hoc and recurring risk assessments.

Identify, assess, and document technology risks and control effectiveness across systems, processes, and projects.

Prepare clear and concise risk reports, dashboards, and briefing materials.

Present risk findings, recommendations, and mitigation strategies to various stakeholder groups.

Track identified risks and remediation efforts to ensure appropriate resolution and documentation.

Assist in the creation, development, and maintenance of IT policies, controls, standards, procedures, and governance documentation.

Develop and monitor the IT control environment and recommend improvements to strengthen governance and risk mitigation.

Facilitate meetings, risk discussions, and governance forums related to technology risk oversight.

Serve as liaison between IT and Internal/External Auditors as well as Regulators, including the OCC.

Collaborate with Enterprise Risk Management to ensure alignment and enterprise-wide risk activities or deliverables are conducted accordingly within the IT environment.

Conduct IT operational risk assessments to identify risk and control gaps and participate in group efforts to find sustainable solutions for executing resultant risk mitigation projects.

Contribute to the Architecture Working Group, Vulnerability Management Committee, and Information Security Committee, interfacing with technical staff to assist in understanding, scoring, prioritizing, and remediating risk associated with products and initiatives presented to the group.

Identify areas of IT risk and approaches to address those risks (systems, processes, and practices).

Chair the IT Risk Working Group.

Plan, perform, and report the results of internal compliance assessments and audits against the existing systems.

Ensure IT Controls are maintained and updated in accordance with FFIEC CAT, CIS, GLBA, ITIL, COBIT, and other frameworks as needed.

Coordinate between IT, IT Governance, and Internal/External audit on IT and IT Governance Audit findings. Collect management responses, track and guide the progress of open IT Audit findings and ensure deadlines are met.

Actively assist and advise business unit management on how to evaluate and mitigate risks associated with third-party vendors.

Maintain and mature the IT Risk Tracker and provide updates to the Information Security Risk Register via collaboration with IS Governance.

Assist with documentation and review of risk and security configurations of applications including but not limited to application entitlements and secure configurations for all applications.

Assist with maturation of risk-based culture throughout the bank.

Continue to perform self-assessments against the IT environment to ensure all risks are being identified and remediated accordingly.

All employees have the responsibility and the accountability to serve as risk managers for their businesses by understanding, reporting, responding to, managing, and monitoring the risk they encounter daily as required by Dollar Bank's risk management program. Compliance with regulatory laws and company procedures is a required component of all position descriptions.