IT Risk Associate

Our Company

Explore how you can contribute at AmeriLife.

For over 50 years, AmeriLife has been a leader in the development, marketing and distribution of annuity, life and health insurance solutions for those planning for and living in retirement.

Associates get satisfaction from knowing they provide agents, marketers and carrier partners the support needed to succeed in a rapidly evolving industry.

Job Summary

The IT Risk Associate will support the organization's technology risk management and cybersecurity compliance programs. Reporting to the Senior Director of IT and Cybersecurity Risk, this position helps identify, assess, and mitigate IT-related risks across the enterprise.
This is a hands-on, cross-functional role that provides broad exposure to IT risk assessments, cybersecurity risk analysis, governance activities, issue management, and policy support. The position is well- suited for a detail-oriented professional who is eager to learn, comfortable collaborating across departments, and motivated to build a career in risk and compliance.

Job Description

Key Responsibilities

• Assist in planning and conducting technology risk assessments for systems, applications, and business processes. Help identify potential security vulnerabilities, control gaps, and emerging technology risks; evaluate their likelihood and impact; and contribute to developing mitigation plans.
• Document risk assessment findings, recommendations, and remediation plans for review by senior leaders. Help maintain and update the organization's risk and control inventory, including inherent risk ratings, control mappings, and residual risk calculations, in alignment with the Cyber Risk Management Framework.

• Support maintaining and improving the governance framework for information security and IT risk.
• Assist in drafting, reviewing, and updating risk management policies, procedures, and standards to align with best practices and regulatory requirements.

• Log, monitor, and follow- up on identified risk issues, control exceptions, and cybersecurity incidents. Coordinate with issue owners in IT and business units to drive remediation actions and risk mitigation plans to completion.
• Help develop and track Key Risk Indicators (KRIs) and other risk metrics to measure the organization's technology risk posture.

• Stay current on IT and cybersecurity risk trends, emerging threats, and best-practice frameworks (such as NIST CSF, ISO 27001, COBIT) and applicable regulations. Proactively suggest enhancements to risk assessment processes, tools, and controls.

Qualifications

• Education: Bachelor's degree in Information Technology, Computer Science, Cybersecurity, Information Systems, or a related field. An equivalent combination of education, training, and relevant experience will be considered.
• Experience: 3-5 years of experience (including internships or co-op placements) in IT risk management, cybersecurity, IT audit, compliance, or a related area. Exposure to risk assessment or compliance processes in a corporate or regulated environment is highly valued.
• Technical Knowledge: Basic understanding of IT systems, networks, and security principles (e.g., access controls, vulnerability management, business continuity, data protection). Awareness of risk management and security frameworks or standards such as NIST, ISO 27001, CIS Controls, and regulatory compliance requirements (e.g., NY DFS 23 NYCRR 500, HIPAA) is a plus.
• Analytical Skills: Strong analytical and problem-solving abilities. Capable of interpreting data and technical information to evaluate risk levels and remediation priorities. High attention to detail in documentation and analysis.
• Communication Skills: Excellent written and verbal communication skills. Able to prepare clear reports and presentations on risk findings and convey technical information in business-friendly language. Comfortable engaging with employees at various levels, from technical IT staff to business managers.
• Organizational Skills: Strong time management abilities with the capacity to manage multiple tasks and priorities in a fast-paced environment. Proactive in meeting deadlines and following up on outstanding items.

• Tools: Proficiency with Microsoft Excel, Word, and PowerPoint for analysis, documentation, and reporting. Ability to learn and use risk management or GRC software and other security tools quickly.

 

What AmeriLife Offers

A comprehensive benefits package that includes PTO, medical, dental, vision, retirement savings, disability insurance, and life insurance.

Equal Employment Opportunity Statement

We are an Equal Opportunity Employer and value diversity at all levels of the organization. All employment decisions are made without regard to race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), sexual orientation, gender identity or expression, age, national origin, ancestry, disability, genetic information, marital status, veteran or military status, or any other protected characteristic under applicable federal, state, or local law. We are committed to providing an inclusive, equitable, and respectful workplace where all employees can thrive.

 

Americans with Disabilities Act (ADA) Statement

We are committed to full compliance with the Americans with Disabilities Act (ADA) and all applicable state and local disability laws. Reasonable accommodations are available to qualified applicants and employees with disabilities throughout the application and employment process. Requests for accommodation will be handled confidentially. If you require assistance or accommodation during the application process, please contact us at HR@AmeriLife.com.

 

Pay Transparency Statement

We are committed to pay transparency and equity, in accordance with applicable federal, state, and local laws. Compensation for this role will be determined based on skills, qualifications, experience, and market factors. Where required by law, the pay range for this position will be disclosed in the job posting or provided upon request. Additional compensation information, such as benefits, bonuses, and commissions, will be provided as required by law. We do not discriminate or retaliate against employees or applicants for inquiring about, discussing, or disclosing their pay or the pay of another employee or applicant, as protected under applicable law. Pay ranges are available upon request.

 

Background Screening Statement

Employment offers are contingent upon the successful completion of a background screening, which may include employment verification, education verification, criminal history check, and other job-related inquiries, as permitted by law. All screenings are conducted in accordance with applicable federal, state, and local laws, and information collected will be kept confidential. If any adverse decision is made based on the results, applicants will be notified and given an opportunity to respond.