Middlesex Savings Bank

  • Senior Risk Analyst

    Location US-MA-Westborough
    Req #
    Risk Management - Risk Management
    Position Type
    Full Time
    Standard Working Hours
    Monday - Friday 8:00am to 5:00pm
  • Overview

    Reporting to the Information Security Officer, the Senior Risk Analyst is responsible for assisting the Information Security Officer with maintaining and continually enhancing the Bank’s information security and vendor management programs.  In particular, responsibilities include assisting with the development, coordination, implementation and governance of enterprise-wide policy and controls.


    Assist with ensuring the Bank’s information security program remains in compliance with applicable standards and regulations, including evolving data privacy regulations.

    Assist with enhancement of control testing processes to ensure information security, risk, and vendor management policies are adhered to.

    Assist with compliance with  cyber security functions including reporting on gaps, variances, and the assessment and disposition of cyber risk.  Assist with completion and maintenance of the Bank’s FFIEC Cybersecurity Assessment

    Perform assessments of the current information security and vendor management framework and assist Information Security Officer with development of guidance that addresses gaps.

    Assist with adherence to vendor management, risk, and information security policies, standards, and procedures.  Assist with socialization of policy & control recommendations to stakeholders across the enterprise in order to gain acceptance.

    Help support the completion of risk assessments of business processes and products to ensure that they align with Bank policies and objectives.

    Participate in information security, vendor management, and risk related projects and initiatives. 

    Assist with the collection and review of vendor due diligence materials in line with GLBA and TSP regulatory guidance

    Assist with the resolution of internal audit and examination findings related to risk, information security, and vendor management.

    Effectively utilize the Bank’s Enterprise Risk Management Software System.

    Ensures full compliance with the Bank’s Information Systems Policies and Procedures.

    Performs related and unrelated duties as may be required.


    • Bachelor’s degree.
    • 2 - 4 of experience in Bank-specific information security, risk, and/or audit areas.
    • Ability to develop and maintain knowledge of applicable laws, regulations, and standards relating to information security and data privacy.
    • Knowledge of bank operations and bank technology applications.
    • Effective communicator, relationship builder, and advocate for sound risk mitigation practices.
    • Privacy and GLBA experience a plus.
    • Strong organizational skills.

    Middlesex Savings Bank is an EO/AA Employer: Min/Fem/Vet/Disabled


    Search Firm Representatives, Please Read Carefully: Middlesex Savings Bank does not accept unsolicited resumes from search firms for this or any employment opportunity



    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Connect With Us!

    Not ready to apply? Connect with us for general consideration.