Title: Senior IT Risk AnalystType:PermanentLocation:CorkThe IT Risk Analyst will be responsible for identifying, assessing, and mitigating technology-related risks across the organisation. The role focuses on IT risk management, IT audit support, governance, risk and compliance (GRC), and data protection, ensuring alignment with regulatory requirements, industry standards, and internal policies.THIS IS A BRAND NEW ROLE WITHIN A BRAND NEWLY FORMED TEAMTHIS IS VERY MUCH A IT RISK / GRC FOCUSED ROLETHIS ROLE IS CORK BASEDONSITE 2-3 DAYS PER WEEKKey Responsibilities:IT Risk ManagementIdentify, assess, and monitor IT and cyber risks across systems, applications, and third-party servicesMaintain and enhance the IT risk register, including risk ratings, controls, and remediation plansSupport risk assessments for new technologies, systems, and business initiativesTrack and report on risk treatment plans and key risk indicators (KRIs)Governance, Risk & Compliance (GRC)Support the design, implementation, and operation of the organisation's IT GRC frameworkEnsure alignment with standards and frameworks such as ISO 27001, NIST, COBIT, and ITILAssist with policy development, review, and maintenance (e.g. information security, access control, data protection)Prepare risk and compliance reporting for senior management and governance forumsIT AuditSupport internal and external IT audits, including SOX (if applicable) and regulatory reviewsPerform control testing and evidence gathering for IT general controls (ITGCs)Track audit findings and support remediation activities to closureAct as a key liaison between IT teams, auditors, and risk stakeholdersData Protection & PrivacySupport compliance with data protection regulations such as GDPR and other applicable privacy lawsAssist with data protection impact assessments (DPIAs) and privacy risk assessmentsWork closely with legal, compliance, and security teams on data protection controls and incidentsContribute to awareness and training initiatives related to data privacy and information securityStakeholder EngagementPartner with IT, security, legal, compliance, and business teams to embed risk management practicesProvide advice and guidance on IT risk, controls, and regulatory requirementsContribute to continuous improvement of IT risk and compliance processesSkills & Experience:Proven experience in an IT Risk Analyst, IT Auditor, or GRC-related roleStrong knowledge of IT audit, risk management, and control frameworksHands-on experience with GRC processes and toolsSolid understanding of data protection and privacy regulations (e.g. GDPR)Experience assessing IT controls, risks, and remediation actionsStrong analytical, documentation, and reporting skillsAbility to communicate risk clearly to technical and non-technical stakeholders