Title
: Senior IT Risk Analyst
Type:
Permanent
Location:
Cork
The IT Risk Analyst will be responsible for identifying, assessing, and mitigating technology-related risks across the organisation. The role focuses on IT risk management, IT audit support, governance, risk and compliance (GRC), and data protection, ensuring alignment with regulatory requirements, industry standards, and internal policies.
THIS IS A BRAND NEW ROLE WITHIN A BRAND NEWLY FORMED TEAM
THIS IS VERY MUCH A IT RISK / GRC FOCUSED ROLE
THIS ROLE IS CORK BASED
ONSITE 2-3 DAYS PER WEEK
Key Responsibilities:
IT Risk Management
* Identify, assess, and monitor IT and cyber risks across systems, applications, and third-party services
* Maintain and enhance the IT risk register, including risk ratings, controls, and remediation plans
* Support risk assessments for new technologies, systems, and business initiatives
* Track and report on risk treatment plans and key risk indicators (KRIs)
Governance, Risk & Compliance (GRC)
* Support the design, implementation, and operation of the organisation's IT GRC framework
* Ensure alignment with standards and frameworks such as ISO 27001, NIST, COBIT, and ITIL
* Assist with policy development, review, and maintenance (e.g. information security, access control, data protection)
* Prepare risk and compliance reporting for senior management and governance forums
IT Audit
* Support internal and external IT audits, including SOX (if applicable) and regulatory reviews
* Perform control testing and evidence gathering for IT general controls (ITGCs)
* Track audit findings and support remediation activities to closure
* Act as a key liaison between IT teams, auditors, and risk stakeholders
Data Protection & Privacy
* Support compliance with data protection regulations such as GDPR and other applicable privacy laws
* Assist with data protection impact assessments (DPIAs) and privacy risk assessments
* Work closely with legal, compliance, and security teams on data protection controls and incidents
* Contribute to awareness and training initiatives related to data privacy and information security
Stakeholder Engagement
* Partner with IT, security, legal, compliance, and business teams to embed risk management practices
* Provide advice and guidance on IT risk, controls, and regulatory requirements
* Contribute to continuous improvement of IT risk and compliance processes
Skills & Experience:
* Proven experience in an IT Risk Analyst, IT Auditor, or GRC-related role
* Strong knowledge of IT audit, risk management, and control frameworks
* Hands-on experience with GRC processes and tools
* Solid understanding of data protection and privacy regulations (e.g. GDPR)
* Experience assessing IT controls, risks, and remediation actions
* Strong analytical, documentation, and reporting skills
* Ability to communicate risk clearly to technical and non-technical stakeholders