IT Risk Analyst

About Davy

Davy has spent a century building its reputation through the strength of its people and their contribution to the business. Founded in 1926, the Davy Group is central to wealth and capital in Ireland, serving high-net-worth clients, self-directed investors, SMEs, credit unions, corporates, and domestic as well as international institutional investors.

The organisation’s culture is guided by three core values: client success, One Davy, and building a proud legacy. With a team of more than 900 people, Davy encourages professional growth, personal development, and collaboration.

Role overview

This opportunity sits within the IT division and focuses on identifying, assessing, and helping manage technology-related and cyber security risks across systems, applications, infrastructure, and processes. The position reports into the IS Risk Manager and supports the continued development and operation of a strengthened technology risk framework.

Working closely with domain specialists and subject matter experts, the analyst will help monitor technology risk exposure, support risk analysis, and contribute to the effective management of control and issue processes.

Key duties

• Follow Davy’s conduct standards to safeguard the firm, its clients, and its people.
• Agree clear SMART objectives for the role and help cascade them where needed.
• Perform detailed risk reviews to uncover weaknesses in IT applications and infrastructure.
• Oversee the effectiveness of IT risk management activities, including risk logs, issue handling, and control testing.
• Build, keep up to date, and report risk and control measures on a regular basis.
• Identify cyber and technology threats and assess their potential impact.
• Track IT operations and projects, carry out risk audits, and highlight vulnerable areas.
• Gather and review information from multiple sources to spot emerging threats, trends, issues, and process improvement opportunities.
• Work with IT and business stakeholders to implement mitigation actions and assess how well they work.
• Maintain risk registers and ensure updates are accurate and current.
• Partner with domain experts to identify, assess, and document key risk scenarios while supporting reporting needs.
• Recommend practical, cost-effective controls or compensating measures for major technology risks.
• Compile and challenge data used for key risk indicators.
• Prepare risk reports and status updates for committee review.
• Support the risk event workflow, including tracking and reporting.
• Assist programmes where technology-enabled change could introduce new risk.
• Contribute to continuous improvement initiatives within the team.
• Support client-focused work that strengthens service quality, regulatory adherence, and risk framework compliance.

Risk and compliance expectations

• Understand the risks relevant to the role and the legal and regulatory obligations that apply in a heavily regulated environment.
• Help create a strong risk-aware and compliant culture within the area of responsibility.
• Work in line with the Davy Risk Management Framework, policies, and procedures.
• Follow reporting and escalation rules for risk events, policy breaches, and emerging issues.
• Meet any fitness and probity requirements connected to statutory directorship responsibilities, both initially and on an ongoing basis.
• Act in line with Central Bank of Ireland conduct standards and any additional standards required under the Individual Accountability Framework.
• Stay current with regulatory changes and make sure relevant updates are implemented or escalated appropriately.

Candidate profile

The ideal candidate will bring strong experience in an IT environment, with a preference for financial services exposure. The role also calls for confidence engaging senior stakeholders, strong presentation ability, and a solid background in leading risk reviews.

Technical understanding is important, as is the ability to apply structured problem-solving approaches and communicate clearly in both writing and speech.

Requirements

• Deep understanding of IT business environments.
• Prior experience in financial services is preferred.
• Experience working with senior stakeholders and delivering presentations.
• At least 4 years of experience as an IT Risk Analyst.
• Strong track record in planning and delivering successful risk reviews.
• Risk management certification.
• Ability to apply creative and practical problem-solving methods.
• Strong technical knowledge of infrastructure environments and related business needs.
• Ability to identify business drivers and respond effectively to varied situations.
• Comfort building professional relationships.
• Excellent verbal, written, and presentation communication skills.

Benefits

Davy offers a benefits package designed to support employees through different life stages, including health and wellness support, flexible working options, a flexible benefits allowance, learning and development opportunities, and retirement planning assistance.

Additional offerings include an Employee Assistance Programme, mental health first aid, sports and social activities, competitive pay, bonus, pension, and other benefits for employees and their families.

The workplace is inclusive and diverse, and the company supports a hybrid working model while encouraging ongoing learning and personal development.

Equal opportunity and application notes

Davy is an equal opportunities employer and welcomes applicants from a wide range of backgrounds and experiences. Candidates are encouraged to apply even if they do not meet every requirement listed.

Reasonable accommodations can be provided during the interview process where needed to ensure accessibility.

Appointment to the role is subject to eligibility to work in Ireland. Recruitment agencies are asked not to submit unsolicited CVs or profiles for this position.

Davy Group is part of the Bank of Ireland Group.