IT Risk Management Analyst (13-month contract)
Role Introduction
Reports To: IT Risk Management Senior Lead
This role is part of our global Information Technology team, dedicated to safeguarding the organization’s digital ecosystem through proactive and strategic risk management.
As the IT Risk Management Analyst, you will play a key role in identifying, assessing, and mitigating technology-related risks across the business. You will be responsible for ensuring our IT risk posture remains resilient and aligned with industry best practices.
You will own and continuously enhance the end-to-end IT risk management process, providing hands-on support in risk assessments, mitigation planning, and reporting. Your strong analytical and quantitative skills will be essential in interpreting complex data and translating it into actionable insights that protect our operations and enable informed decision-making.
With your expertise, you will collaborate across teams to embed a risk-aware culture and contribute to a structured career development path within the Information Technology department.
Key Responsibilities
- Support overall risk management process for the organisation, including analysis of financial impact when risks occur
- Perform risk assessment by analysing current risks and identifying potential risks affecting the company
- Provide inputs for risk evaluation
- Support risk management tool
- Input risks into the risk management tool
- Collaborate with extended team for risk reviews
- Support audit processes and follow up on remediation items
- Follow up with risk owners on risk status
- Update risk register
Requirements
- Relevant tertiary education
- Minimum 6 years of IT experience, including 3+ years in IT security
- Professional certifications such as CRISC or CISSP preferred
- Familiarity with IT risk management tools
- Strong team collaboration skills, problem-solving and analytical abilities
- Ability to capture, understand, and communicate risks to stakeholders across the organization
- Skilled in tailoring risk reports to suit different audiences
- Excellent verbal and written communication skills across internal and external teams
- Experience in supporting the development and management of IT risk management processes
- Capability to promote risk awareness within IT and business units and to provide support to all team members
Personal & Application Information
Cathay Pacific is an Equal Opportunities Employer. Personal data provided by job applicants will be used strictly in accordance with our Applicant Personal Information Collection Statement and for recruitment purposes only. Candidates not notified within eight weeks may consider their application unsuccessful. We keep records of your data for no longer than is necessary for the purpose for which we obtained them and any other permitted linked purposes. If your application is unsuccessful, we will keep your details on file for as long as is necessary to process your application or for the purposes of further job opportunities if you agree to such longer periods.
