Title: ICT Risk AnalystType:PermanentLocation:Cork (onsite 3 days a week)Role PurposeThe ICT Risk Analyst is responsible for identifying, assessing, monitoring, and reporting technology-related risks across the organisation. The role supports effective risk management, regulatory compliance, and the resilience of ICT systems by ensuring risks are understood, mitigated, and aligned with the organisation's risk appetite.Key ResponsibilitiesICT Risk ManagementIdentify and assess ICT risks across infrastructure, applications, data, third-party services, and cyber securityMaintain and update the ICT risk register in line with organisational frameworksPerform risk assessments for new systems, projects, and changes (e.g. cloud adoption, system upgrades)Monitor key risk indicators (KRIs) and emerging technology risksGovernance, Compliance & AssuranceSupport compliance with relevant standards and regulations (e.g. ISO 27001, NIST, COBIT, ITIL, GDPR, SOC2)Assist with internal and external audits, including evidence collection and remediation trackingReview and assess the adequacy of ICT controls and control effectivenessSupport policy development and regular reviews (e.g. information security, access management, incident response)Incident & Resilience SupportSupport ICT incident and cyber incident analysis from a risk perspectiveAssist with business continuity and disaster recovery risk assessments and testingTrack and report on control weaknesses and remediation progressReporting & Stakeholder EngagementPrepare clear risk reports and dashboards for senior management and risk committeesCommunicate ICT risk issues to both technical and non-technical stakeholdersWork closely with ICT, cyber security, compliance, and business teamsKey Skills & Competencies:Technical & Risk SkillsStrong understanding of ICT environments (networks, systems, cloud, applications, data)Knowledge of ICT risk management and control frameworksFamiliarity with cyber security principles and threatsExperience with risk assessment methodologiesAnalytical & Communication SkillsStrong analytical and problem-solving abilitiesAbility to translate technical risks into business impactHigh attention to detail with strong documentation skillsConfident written and verbal communicationQualifications & ExperienceEssentialDegree in Information Technology, Computer Science, Risk Management, or a related field (or equivalent experience)Experience in ICT risk, technology risk, cyber risk, IT audit, or information securityKnowledge of risk and control frameworks (e.g. ISO, NIST, COBIT)DesirableProfessional certifications such as CRISC, CISM, CISSP, ISO 27001 Lead Implementer/Auditor, or similarExperience working in a regulated environmentExposure to third-party or vendor risk management