We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
BankUnited jobs

Senior Technology Risk & Controls Analyst (Hybrid-Miami Lakes)

BankUnited
United States, Florida, Miami Lakes
Dec 03, 2025
SUMMARY: This position has primary responsibility for the build out, update and execution of the Company's Technology Risk Program for the first Line of Defense (1LOD). Individuals in this position provide risk expertise and assistance to make sure technology assets are suitably protected, receiving oversight and direction from the 2LOD IT Risk team. The incumbent will work with key technology stakeholders to facilitate technology risk analysis, assist with the identification and build-out of suitable controls so residual risk is within the Bank's Risk Appetite. This position will also support testing of technology controls, technology risk assessments, key risk indicators reporting, and technology projects as assigned.
ESSENTIAL DUTIES AND RESPONSIBILITIES include the following. Other duties and special projects may be assigned.

  • Identifies and assess technology risks across processes, applications, and infrastructure. Conduct risk assessments and maintain accurate risk documentation (e.g., risk registers, RCSA).
  • Collaborates with technology teams to design and implement effective controls based on industry-recognized frameworks such as NIST CSF, NIST SP 800-53, and RMF. Perform control testing and review IT control effectiveness, supporting remediation of gaps.
  • Serves as the primary liaison between IT (1LoD) and audit teams (Internal, External, SOX). Coordinate evidence collection, facilitate audit requests, and support issue owners in timely remediation. Track and report on open audit issues until closure.
  • Analyzes and report results of control testing, risk assessments, and technology-related metrics (KPIs and KRIs). Present findings and recommendations to 1LoD and 2LoD management.
  • Ensures adherence to internal policies and applicable regulations. Review and validate technology-related data transfers to external parties, ensuring secure and compliant processes.
  • Promotes risk awareness across IT teams and act as a trusted advisor for technology risk-related decisions. Provide guidance and training on IT risk and control practices.
  • Supports development and maintenance of IT risk policies, standards, and procedures. Apply frameworks such as NIST CSF and other best practices to strengthen IT governance.
  • Partners with IT process owners, 2LoD, and other stakeholders to ensure timely implementation of controls and remediation actions.
  • Provides support for the External Data Transfer process by tracking, reviewing, and validating data sent outside the Bank to ensure secure transmission and facilitate the timely closure of each request.
  • Partners with IT Process Owners to identify continuous improvement opportunities with emphasis on risk mitigation.
  • Explores application of AI in role to automate tasks or improve user experience.
  • Adheres to and complies with applicable, federal and state laws, regulations and guidance, including those related to anti-money laundering (i.e. Bank Secrecy Act, US PATRIOT Act, etc.).
  • Adheres to Bank policies and procedures and completes required training.
  • Identifies and reports suspicious activity.

EDUCATION
Bachelor's Degree in cybersecurity, computer science, or related field, or equivalent work experience preferred
EXPERIENCE

  • 4-6 years of progressive experience in IT risk management, IT Audit, or cybersecurity and technology controls, with a strong background in risk assessments, regulatory compliance, and governance frameworks

CERTIFICATES, LICENSES, REGISTRATIONS

  • Certifications in technology, security, and auditing, such as CISSP, CCSP, CISA, or CRISC, are a plus preferred

KNOWLEDGE, SKILLS AND ABILITIES

  • In-depth knowledge of risk management and technology controls frameworks and standards, such as NIST, CIS, PCI-DSS (High)
  • Strong understanding of IT infrastructure, cloud security, and data protection practices (High)
  • Knowledge of regulatory and compliance frameworks relevant to the financial industry (Medium)
  • Strong analytical and problem-solving skills (High)
  • Excellent communication and interpersonal skills (High)
  • Ability to work independently and as part of a team (High)
  • Ability to perform role with minimal supervision.

ADDITIONAL INFORMATION

  • Candidates residing in locations within BankUnited's footprint may be given preference.


#GoForMore
Applied = 0
MORE JOBS LIKE THIS

(web-df9ddb7dc-vp9p8)