Risk & Control Analyst

Risk & Control Analyst: Blockchain and AWS Platforms

Join our team as a Technology Risk & Control Analyst, responsible for maintaining a strong control environment for applications built on Blockchain/Distributed Ledger Technology (DLT) and deployed on AWS cloud infrastructure. This role involves continuous monitoring, evidence validation, audit coordination, and ensuring compliance with internal and regulatory standards.

Key Responsibilities

  • Monitor control performance, security alerts, and compliance dashboards for Blockchain/DLT-based applications hosted on AWS.
  • Analyze alerts to detect control deviations or vulnerabilities in cryptographic key management, smart contracts, and cloud security configurations (IAM, network access, storage policies, etc.).

Evidence Gathering & Compliance Evaluation

  • Collaborate with Engineering and Operations teams to collect and validate evidence such as access logs, configuration snapshots, and change documentation.
  • Evaluate evidence against control frameworks, policies, and regulatory requirements.
  • Document, track, and follow through on remediation for control gaps or deficiencies.

Audit & Regulatory Liaison

  • Serve as the key point of contact between Technology, Internal Audit, External Audit, and Compliance teams.
  • Prepare audit documentation, control narratives, and supporting evidence packages.
  • Facilitate audit fieldwork, respond to auditor queries, and oversee closure of findings.

Reporting & Communication

  • Prepare and deliver periodic reports on risk posture, control effectiveness, and audit issue status to senior leadership.
  • Communicate risk insights, control expectations, and compliance requirements effectively to both technical and non-technical stakeholders.

Required Qualifications, Capabilities, and Skills Experience & Knowledge

  • 5+ years in Technology Risk Management, IT Audit, Information Security, or IT Compliance, ideally within financial services.
  • Strong foundational understanding of risk management, control testing, and evidence collection techniques.
  • Familiarity with AWS security components (VPC, IAM, EC2, S3, CloudTrail, etc.).
  • Basic understanding of Blockchain/DLT concepts including decentralization, immutability, smart contracts, and related risk considerations.

Technical & Analytical Skills

  • Ability to review logs, reports, and configurations to assess control compliance.
  • Proficiency with documentation, analytics, and issue-tracking tools.

Communication

  • Excellent verbal and written communication skills, with the ability to translate technical risks into clear, business-friendly language.

Preferred Qualifications, Capabilities, and Skills

  • Experience supporting DevOps/Agile engineering teams with integrated control monitoring.
  • Knowledge of regulatory frameworks (e.g., SOX, GLBA, NYDFS) relevant to cloud and emerging technologies.
  • Certifications such as CISA, CRISC, Security+, AWS Cloud Practitioner, or other related credentials.
Job Category: Risk/Technology
Job Type: Full Time
Job Location: On-site

Apply for this position

Allowed Type(s): .pdf, .doc, .docx