Job Description
We are driven to do more. More for our customers and the financial professionals who offer our products. If you are driven to do more and love the challenge of pursuing more, Athene is your kind of company. You will find we offer more than the basics to create an inclusive and dynamic work environment at our various locations.
Purpose: Athene is seeking a Governance Risk & Compliance Analyst III to support enterprise technology risk management and IT audit/compliance activities. This role partners closely with IT, Cybersecurity, Internal Audit, and Risk Management to assess risk, strengthen controls, and ensure regulatory and audit readiness in a highly regulated financial services environment. This position offers the opportunity to make a measurable impact in a fast-paced, collaborative environment while helping to advance Athene's security posture and regulatory compliance.
This position is ideal for an experienced professional with a balanced background in IT risk, governance, and IT audit, who can operate independently while influencing stakeholders across the organization.
Accountabilities: IT Risk Management & Governance - Conduct internal cyber risk assessments to identify risks, control gaps, and improvement opportunities.
- Manage, track, and report on enterprise technology risks, maintaining an up-to-date risk register.
- Maintain and enhance IT and cybersecurity controls, policies, and standards aligned to industry frameworks (e.g., NIST) and regulatory requirements (e.g., BMA, NYDFS).
- Facilitate ongoing assessments of IT governance and compliance processes.
- Support cybersecurity metrics, KPIs, and reporting for governance and leadership review.
AI & Emerging Technology Risk - Support the identification, assessment, and ongoing monitoring of risks associated with artificial intelligence (AI) and emerging technology use cases.
- Partner with technology, legal, compliance, and risk stakeholders to assess AI use cases for governance, control design, and regulatory readiness.
- Monitor adherence to AI governance standards, policies, and risk management practices, including documentation and control evidence.
- Support audit and regulatory inquiries related to AI usage, data governance, and technology risk controls.
Third-Party & Vendor Risk - Perform due diligence on key vendors, including assessment of SOC 1 and SOC 2 reports.
- Monitor third-party risk scores (e.g., BitSight) and coordinate follow-up on relevant findings.
- Respond to security questionnaires and assessments from business partners, providing clear insight into Athene's security controls and processes.
Audit & Regulatory Compliance - Partner with Internal Audit and IT teams on technology audits, including scoping, evidence collection, and remediation tracking.
- Coordinate with external auditors to support SOX IT control testing and request fulfillment.
- Monitor compliance with key regulatory requirements (e.g., NYDFS) and support readiness for emerging cybersecurity regulations.
Cybersecurity Program Support - Track vulnerabilities identified through Athene's threat and vulnerability management program and support remediation efforts.
- Coordinate and facilitate cyber incident response exercises, disaster recovery, and tabletop drills.
- Assist with the security awareness program, including annual training updates and phishing simulations.
- Develop governance, risk, and compliance (GRC) educational and training materials.
Tools & Process Enablement - Maintain and update Athene's GRC platform, recommending enhancements as the program evolves.
- Work closely with technology leadership, cybersecurity teams, and risk management to develop and track remediation action plans.
Qualifications and Experience: - Bachelor's degree in Accounting, Management Information Systems, Computer Science, or related field, or equivalent experience.
- 4+ years of experience in IT risk management, IT audit, GRC, or compliance roles.
- Strong knowledge of IT risk frameworks and internal control methodologies, including SOX.
- Ability to independently assess risk, evaluate controls, and partner effectively with auditors and technology teams.
- Experience working in a regulated or financial services environment.
Preferred - CRISC, CISA, CISSP, or similar certification.
- IT audit or professional services experience.
- Experience with ServiceNow IRM module or similar platforms.
Drive. Discipline. Confidence. Focus. Commitment. Learn more about working at Athene.
Athene is a Military Friendly Employer! Learn more about how we support our Veterans.
Athene is committed to inclusion and is proud to be an Equal Opportunity Employer. We do not discriminate on the basis of race, color, religion, sex, national origin, age, disability, marital status, sexual orientation, veteran status or any other status protected by federal, state or local law.
Job Tags
Local area,