Manager Cyber Security Risk Analyst Jobs in Iowa

Job Summary:
Athene is a company driven to do more for its customers and financial professionals. They are seeking a Sr. Governance, Risk & Compliance (GRC) Analyst to enhance enterprise technology risk management, cybersecurity governance, and regulatory compliance while collaborating with various teams to assess risks and improve governance practices.
Responsibilities:
• Conduct technology and cybersecurity risk assessments to identify risks, control gaps, and opportunities for program enhancement.
• Manage and maintain the enterprise technology risk register, including risk tracking, reporting, and remediation oversight.
• Partner with technology and cybersecurity teams to strengthen controls, policies, standards, and governance processes aligned to industry frameworks (e.g., NIST) and regulatory requirements (e.g., BMA, NYDFS, SOX).
• Evaluate IT governance and compliance processes to support ongoing program maturity and operational effectiveness.
• Develop and enhance cybersecurity metrics, KPIs, and executive reporting to support governance and risk-informed decision making.
• Provide risk advisory support to technology and business stakeholders on governance, control, and compliance considerations.
• Help shape Athene’s governance approach for AI and emerging technologies by partnering across technology, legal, compliance, and risk functions.
• Assess AI and emerging technology use cases for risk, control effectiveness, regulatory alignment, and operational readiness.
• Contribute to the development and operationalization of AI governance standards, controls, and risk management practices.
• Monitor adherence to AI governance requirements, including documentation, control evidence, and risk management procedures.
• Support internal and external audit inquiries related to AI usage, data governance, and technology risk oversight.
• Perform technology and cybersecurity due diligence assessments for key vendors and third parties, including review of SOC 1 and SOC 2 reports.
• Monitor third-party risk ratings and coordinate remediation or follow-up activities related to identified concerns.
• Partner with business and technology teams to evaluate vendor risk exposure and strengthen third-party governance practices.
• Respond to client, partner, and vendor security assessments and questionnaires, clearly communicating Athene’s security controls and governance practices.
• Serve as a key liaison for technology risk, audit, and regulatory activities, helping streamline evidence collection, remediation tracking, and control maturity efforts.
• Partner with Internal Audit, External Audit, and Technology teams to support technology audits and SOX IT control testing.
• Track and manage remediation activities related to audit findings, risk assessments, and compliance initiatives.
• Monitor evolving cybersecurity and technology regulations and support readiness efforts across the organization.
• Partner with cybersecurity teams to track vulnerability remediation efforts and support enterprise risk reduction initiatives.
• Coordinate and facilitate cyber incident response exercises, disaster recovery activities, and tabletop simulations.
• Support the enterprise security awareness program, including annual training initiatives and phishing simulation activities.
• Develop governance, risk, and compliance educational materials to increase awareness and strengthen risk culture across the organization.
• Maintain and enhance Athene’s GRC platform and supporting workflows as the program evolves.
• Identify opportunities to improve processes, reporting, automation, and control visibility across governance and compliance activities.
• Collaborate with technology leadership, cybersecurity teams, and risk management stakeholders to develop and track remediation action plans and strategic initiatives.
Qualifications:
Required:
• Bachelor’s degree in Accounting, Management Information Systems, Computer Science, Cybersecurity, or related field (or equivalent experience) and 5+ years of experience in IT risk management, cybersecurity governance, IT audit, GRC, compliance, consulting, or professional services environments.
• Strong understanding of IT risk frameworks, governance practices, and internal control methodologies, including SOX IT controls.
• Experience assessing technology and cybersecurity risks, evaluating control effectiveness, and supporting remediation efforts.
• Ability to communicate effectively with both technical and non-technical stakeholders across all levels of the organization.
• Strong analytical, problem-solving, and organizational skills with the ability to manage multiple priorities independently.
• Experience working in a regulated industry or financial services environment.
Preferred:
• Professional certifications such as CRISC, CISA, CISSP, or similar.
• Experience supporting AI governance, emerging technology risk, or cybersecurity compliance initiatives.
• Experience with ServiceNow IRM/GRC or similar governance and risk management platforms.
• Familiarity with regulatory frameworks and standards such as NIST, NYDFS, BMA, ISO 27001, or COBIT.
Company:
Athene Holding is a life insurance company that provides retirement savings products for individuals and institutions. Founded in 2009, the company is headquartered in West Des Moines, USA, with a team of 1001-5000 employees. The company is currently Late Stage.