It Risk Manager Jobs in Florida (NOW HIRING)

IT Risk Associate

For over 50 years, AmeriLife has been a leader in the development, marketing, and distribution of annuity, life, and health insurance solutions for those planning for and living in retirement. Associates get satisfaction from knowing they provide agents, marketers, and carrier partners the support needed to succeed in a rapidly evolving industry.

The IT Risk Associate will support the organization's technology risk management and cybersecurity compliance programs. Reporting to the Senior Director of IT and Cybersecurity Risk, this position helps identify, assess, and mitigate IT-related risks across the enterprise. This is a hands-on, cross-functional role that provides broad exposure to IT risk assessments, cybersecurity risk analysis, governance activities, issue management, and policy support. The position is well-suited for a detail-oriented professional who is eager to learn, comfortable collaborating across departments, and motivated to build a career in risk and compliance.

Key Responsibilities

• Assist in planning and conducting technology risk assessments for systems, applications, and business processes. Help identify potential security vulnerabilities, control gaps, and emerging technology risks; evaluate their likelihood and impact; and contribute to developing mitigation plans.
• Document risk assessment findings, recommendations, and remediation plans for review by senior leaders. Help maintain and update the organization's risk and control inventory, including inherent risk ratings, control mappings, and residual risk calculations, in alignment with the Cyber Risk Management Framework.
• Support maintaining and improving the governance framework for information security and IT risk.
• Assist in drafting, reviewing, and updating risk management policies, procedures, and standards to align with best practices and regulatory requirements.
• Log, monitor, and follow-up on identified risk issues, control exceptions, and cybersecurity incidents. Coordinate with issue owners in IT and business units to drive remediation actions and risk mitigation plans to completion.
• Help develop and track Key Risk Indicators (KRIs) and other risk metrics to measure the organization's technology risk posture.
• Stay current on IT and cybersecurity risk trends, emerging threats, and best-practice frameworks (such as NIST CSF, ISO 27001, COBIT) and applicable regulations. Proactively suggest enhancements to risk assessment processes, tools, and controls.

Qualifications

• Education: Bachelor's degree in Information Technology, Computer Science, Cybersecurity, Information Systems, or a related field. An equivalent combination of education, training, and relevant experience will be considered.
• Experience: 3-5 years of experience (including internships or co-op placements) in IT risk management, cybersecurity, IT audit, compliance, or a related area. Exposure to risk assessment or compliance processes in a corporate or regulated environment is highly valued.
• Technical Knowledge: Basic understanding of IT systems, networks, and security principles (e.g., access controls, vulnerability management, business continuity, data protection). Awareness of risk management and security frameworks or standards such as NIST, ISO 27001, CIS Controls, and regulatory compliance requirements (e.g., NY DFS 23 NYCRR 500, HIPAA) is a plus.
• Analytical Skills: Strong analytical and problem-solving abilities. Capable of interpreting data and technical information to evaluate risk levels and remediation priorities. High attention to detail in documentation and analysis.
• Communication Skills: Excellent written and verbal communication skills. Able to prepare clear reports and presentations on risk findings and convey technical information in business-friendly language. Comfortable engaging with employees at various levels, from technical IT staff to business managers.
• Organizational Skills: Strong time management abilities with the capacity to manage multiple tasks and priorities in a fast-paced environment. Proactive in meeting deadlines and following up on outstanding items.

• Tools: Proficiency with Microsoft Excel, Word, and PowerPoint for analysis, documentation, and reporting. Ability to learn and use risk management or GRC software and other security tools quickly.