Columbia Bank
Summary
The Enterprise Technology Risk Analyst identifies, assesses, and monitors technology risks across the organization. The role provides second-line oversight and independent challenge, helps maintain compliance with regulatory and industry standards, and strengthens the company’s overall security posture. You will work cross-functionally to execute risk assessments, maintain continuous monitoring, track issues and exceptions, and prepare clear reporting for management and committees. Job Responsibilities
Risk Assessment and Control Assurance Perform technology risk assessments to identify vulnerabilities and threats. Evaluate the effectiveness of controls, document results, and recommend improvements. Continuous Technology Monitoring and Reporting Maintain and improve technology risk indicators and control monitoring routines. Monitor and report on technology risk metrics and performance indicators. Compile assessment findings and produce dashboards, reports, and presentations for management and stakeholders. Compliance and ISMS Maintenance Maintain the process, risk, and control library Update policies, standards, and procedures aligned to ISO 27001. Support audits and regulatory examinations with timely evidence and responses. Technology Risk Monitoring and Reporting Provide second-line challenge on projects, changes, and new technologies. Contribute to materials for risk committees and senior management updates. Issue & Exception Management Log and track risk exceptions and issues, including documentation of mitigation plans. Monitor status, escalate delays, and verify remediation effectiveness. Performs other job-related duties as assigned. Other Responsibilities Performs other job-related duties as assigned. Job Requirements
Bachelor’s degree (or Associate’s with equivalent experience) in Information Technology, Cybersecurity, Risk Management, or related field. 2+ years of experience in IT risk management, internal/external audit, ITGC testing, or control assurance. Working knowledge of regulatory and industry frameworks (e.g., ISO 27001 & 27002, NIST CSF, Cyber Risk Institute Profile). Strong analytical, writing, and problem-solving skills. Effective communication and collaboration across first, second, and third lines. Preferred
Professional certifications such as CISSP, CISM, or CRISC are preferred Benefits
Medical, Dental, Vision and Rx which are contributory. Bonus programs. Employee Stock Option Program (ESOP). Life Insurance, Long Term Disability and Accidental Death and Dismemberment (LTD&AD&D). Paid Time Off (PTO) which includes Personal and Vacation Time. Paid Sick Time. Bank Holidays. Employees may participate in the 401k program. Schedule
This role is eligible for a hybrid schedule; 3 days in the office and 2 days work from home based on business need. Columbia Bank and its affiliates is an Equal Opportunity Employer, including individuals with disabilities and veterans.
#J-18808-Ljbffr
The Enterprise Technology Risk Analyst identifies, assesses, and monitors technology risks across the organization. The role provides second-line oversight and independent challenge, helps maintain compliance with regulatory and industry standards, and strengthens the company’s overall security posture. You will work cross-functionally to execute risk assessments, maintain continuous monitoring, track issues and exceptions, and prepare clear reporting for management and committees. Job Responsibilities
Risk Assessment and Control Assurance Perform technology risk assessments to identify vulnerabilities and threats. Evaluate the effectiveness of controls, document results, and recommend improvements. Continuous Technology Monitoring and Reporting Maintain and improve technology risk indicators and control monitoring routines. Monitor and report on technology risk metrics and performance indicators. Compile assessment findings and produce dashboards, reports, and presentations for management and stakeholders. Compliance and ISMS Maintenance Maintain the process, risk, and control library Update policies, standards, and procedures aligned to ISO 27001. Support audits and regulatory examinations with timely evidence and responses. Technology Risk Monitoring and Reporting Provide second-line challenge on projects, changes, and new technologies. Contribute to materials for risk committees and senior management updates. Issue & Exception Management Log and track risk exceptions and issues, including documentation of mitigation plans. Monitor status, escalate delays, and verify remediation effectiveness. Performs other job-related duties as assigned. Other Responsibilities Performs other job-related duties as assigned. Job Requirements
Bachelor’s degree (or Associate’s with equivalent experience) in Information Technology, Cybersecurity, Risk Management, or related field. 2+ years of experience in IT risk management, internal/external audit, ITGC testing, or control assurance. Working knowledge of regulatory and industry frameworks (e.g., ISO 27001 & 27002, NIST CSF, Cyber Risk Institute Profile). Strong analytical, writing, and problem-solving skills. Effective communication and collaboration across first, second, and third lines. Preferred
Professional certifications such as CISSP, CISM, or CRISC are preferred Benefits
Medical, Dental, Vision and Rx which are contributory. Bonus programs. Employee Stock Option Program (ESOP). Life Insurance, Long Term Disability and Accidental Death and Dismemberment (LTD&AD&D). Paid Time Off (PTO) which includes Personal and Vacation Time. Paid Sick Time. Bank Holidays. Employees may participate in the 401k program. Schedule
This role is eligible for a hybrid schedule; 3 days in the office and 2 days work from home based on business need. Columbia Bank and its affiliates is an Equal Opportunity Employer, including individuals with disabilities and veterans.
#J-18808-Ljbffr