IT Risk Analyst

Rockland Trust is a full‑service commercial bank and financial services company committed to helping our neighbors reach their financial goals. Founded in 1907 and headquartered in Massachusetts, we proudly serve individuals, families, and businesses throughout New England with a strong emphasis on personal relationships, local decision‑making, and community impact.

With a broad range of banking, wealth management, and investment solutions, Rockland Trust combines the resources of a growing financial institution with the personalized service of a community bank.

Our long‑standing philosophy—Where Each Relationship Matters®—guides how we work with our customers, colleagues, and communities every day.

At Rockland Trust, our employees are at the heart of our success. We foster a collaborative, inclusive, and values‑driven culture that encourages professional growth, innovation, and work‑life balance. We are deeply committed to community involvement, financial education, and creating a workplace where individuals can build meaningful, long‑term careers.

We are currently seeking a BO/IT Risk Analyst to enhance our growing IT Risk Management team. As a member of the team, this position will provide practical and technical IT risk assessment expertise.

The IT Risk Analyst’s primary responsibility will be to conduct various risk assessments, including control design assessments, and control operating effectiveness testing for core IT processes, and devices, among other things. The details of assessment and testing performed will be recorded in the Bank’s systems of record, and results will be communicated to the appropriate stakeholders. The IT Risk Analyst will play a significant role in engaging various IT owners and contacts across business areas while assessing risk. This role will require close collaboration with application and infrastructure teams to define and assess risks, document and evaluate control design, and test control operating effectiveness. Further, the IT Risk Analyst will participate in the design and evaluation of proposed remediation plans for noted issues to support compliance with prescribed requirements.

The IT Risk Analyst will be encouraged to identify opportunities to automate the risk assessment process across the Bank and implement other compliance automation tools. The IT Risk Analyst may work on other regulatory and process risk assessment programs as well. Assessment duties assigned to this role require continuous development of knowledge regarding specific requirements, risks, and controls across a range of technologies, applications, processes, and infrastructure.

Responsibilities:

• Assist with the development and enhancement of Bank-wide technology risk assessment programs, by way of understanding regulations, rules, and requirements to which the Bank is subject, assessing risk against those standards, assessing control design against specified risks, and executing control operating effectiveness testing to determine overall control effectiveness as it relates to specific risks
• Conduct application and device risk assessments to gather risk specific information about technology applications and across various infrastructure components (network, storage, voice, etc.) to allow for risk assessment, design assessment, and control operating effectiveness testing
• Conduct initial interviews/walkthroughs with key stakeholders to establish understanding of controls that exist within the application or process to ensure that relevant controls are accurately documented and inventoried
• Frequent close collaboration with a wide range of stakeholders, both IT and non-IT, to perform the IT Risk Analyst’s duties, including walkthroughs, evidence gathering, and testing
• Partner with key stakeholders to identify and assess proposed plans to remediate identified issues and/or deficiencies and provide relevant input
• Participate in communications between IT/IS and the levying entity to serve as point of contact for issues handling (as agreed upon)
• In conjunction with the rest of the team, inform key stakeholders of assessment results based on the procedures performed, and the impact those results have on the Bank
• Document work performed, including supporting evidence, and results thereof in the Bank’s system of record
• Participate in the continuous improvement efforts of the IT Risk Assessment Team to enhance the risk assessment process and continue adding value to the overall program
• Demonstrate a proactive mindset for security education, awareness, and the IT environment

Requirements:

• Bachelor's degree, preferably in Accounting, Cybersecurity (Information Assurance), Computer Science, Information Technology, or similar
• 2-4 years of internal or external technology audit or risk assessment experience, including design assessment and control operating effectiveness testing
• Financial services industry experience, or previous history of successfully navigating a highly regulated and matrixed environment
• Detail oriented with the ability to examine and evaluate processes, controls, and issues to contribute to the successful and appropriate assessment of risk, while understanding how this applies to the holistic performance of the company
• Articulate and support responses to audit or other types of findings
• Ability to both work independently and collaborate effectively within a broader team and organization
• Excellent verbal and written communication skills, including the ability to effectively participate in discussions and meetings with internal management, key stakeholders, team members, and other groups involved in the technology risk assessment process
• Basic project and time management skills and ability to meet deadlines
• Exposure to risk frameworks such as NIST, CIS, COBIT, or ISO preferred
• CRISC, IT Risk Assessment/ Audit, CISSP, CISA, CISM or other industry-recognized risk and information assurance certifications preferred

Benefits & Culture

Our goal is to offer our colleagues the most generous benefits package possible. We provide a comprehensive suite of benefits designed to support your health, financial security, and overall, well‑being. Benefits include: competitive compensation with performance‑based incentive awards, health and dental insurance, a 401(k) and DC retirement plan, LTD and life insurance, paid vacation, day care reimbursement, tuition assistance for undergraduate and graduate programs, an award‑winning wellness program, and much more!

At Rockland Trust, you’ll find a respectful and inclusive environment where everyone has the opportunity to succeed. We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.

Pay Transparency

Compensation for this role will be based on a variety of factors, including skills, experience, education, and internal equity. The salary range posted reflects the company’s good‑faith estimate of the range for this position at the time of posting. Actual compensation may vary. In addition to base salary, certain positions may be eligible for additional compensation, including commissions, incentive awards or stipends.

Accessibility & Accommodations

We are committed to providing reasonable accommodations to enable individuals with disabilities to perform the essential functions of their roles.