Platform Risk & Compliance Analyst - MTBNY

IT - NY - Amherst, NY
Amherst, New York

Locations: Amherst, Dansville, Dunkirk, Kenmore
Posted On: November 05, 2025
Last Day to Apply: November 12, 2025
Pay: $80.00 to $105.00 per hour

Platform Risk & Compliance Analyst

The Platform Risk & Compliance Analyst will assess, document, and mitigate technology and operational risks across core banking platforms and modernization programs. This role ensures that infrastructure and applications comply with stringent financial regulations and cybersecurity standards, while enabling innovation and operational agility.

The analyst will work closely with legal, cybersecurity, architecture, and platform engineering teams to establish and maintain governance over critical banking systems, including payment processing, treasury operations, lending platforms, regulatory reporting, and customer-facing digital channels.

Key Responsibilities:

Conduct formal risk assessments across enterprise platforms (mainframe, distributed, and cloud) supporting core banking, payment rails, fraud monitoring, and customer services.
Evaluate platform modernization efforts for compliance risks, including migration from Hogan/Voyager to cloud-native systems.
Validate adherence to PCI DSS, SOX, FFIEC, GLBA, and NYDFS regulations, including third-party vendor risk components.
Partner with information security to define and enforce platform hardening standards, logging requirements, and access control models.
Use GRC tools to document risk findings, assign ownership, track remediation, and produce regular reports for governance boards and executive leadership.
Collaborate with enterprise architecture teams to ensure resiliency, data privacy, encryption, and segregation of environments align with regulatory expectations.
Support regulatory examinations and internal/external audits by providing evidence of controls, testing results, and risk mitigation plans.
Develop metrics and dashboards to provide visibility into control effectiveness and technology risk posture.
Anticipate and document risks introduced by emerging financial technology (e.g., open banking APIs, real-time payments, cloud transformations).

Required Skills:

7+ years in IT risk, cybersecurity compliance, or technology audit roles.
Strong understanding of financial regulatory frameworks: PCI DSS, SOX, FFIEC, GLBA, NYDFS, NIST 800-53.
Hands-on experience with GRC platforms such as Archer, ServiceNow GRC, or OneTrust.
Deep knowledge of core banking system architectures and their operational risks.
Proven ability to interface with regulators, internal audit teams, and executive stakeholders.
Strong written and verbal communication skills with ability to translate technical risk into business impact.
Familiarity with cloud governance (Azure, AWS) and hybrid legacy systems.