Join our Talent Network
Talent Network
Skip to main content

IT Risk Analyst

Location: Rapid City, SD, United States
Job ID: 34338
Date Posted: Aug 3, 2022
Salary: $65700 to $98500 annually

Job Description

Job Specifications

Provide support for IT Risk procedures and processes to detail and assess risk in IT for Third Party and Asset related risks through working with all levels of the organization to acquire the accurate inputs for the assessments. The ideal candidate for this position is a confirmed problem solver and integrator of people and processes, as well as an effective internal consultant. The risk assessor must also possess demonstrated domain proficiencies in a number of IT-risk-related disciplines, including information technologies, security, business continuity management, privacy and compliance.

SALARY RANGE:   $65,700 - $98,500 (Determined by the knowledge, skills and abilities of the applicant.)

REPORTING RELATIONSHIP:   Manager IT Risk Management

LOCATION: Our Company Headquarters in Rapid City, South Dakota.

  • Relocation financial assistance is available, amount may vary based on individual circumstances.


  • Perform quantitative and qualitative analysis to support the prioritization of risk mitigation projects, measure progress of technology risk reduction initiatives, and identify areas with high residual risk.
  • Provide assessment, monitoring and coordination support for Policies and Controls related risk activities for the entire IT organization
  • Perform or assist functions within the Third-Party IT Risk Program such as performing assessments, detailing findings and monitoring overall security ratings of external companies.
  • Perform or assist with IT Risk assessments on various assets both inside IT and in other groups.
  • Review and analyze the efficiency of the company’s IT control activities and report on them with concrete  recommendations and findings
  • Follow up on findings in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure that appropriate remediation measures have been taken


  • Acts as risk management liaison with all levels of the IT organization and with the lines of business and other internal groups and organizations


  • Minimum of (3) three years of IT experience in IT risk management or a related subject area (for example, security, privacy, business continuity management, audit or compliance) is required.
  • Bachelor’s Degree in Science with a focus on IT or IT-risk-related disciplines or equivalent combination of education and experience, required.


  • Knowledge or ability to learn information in CRMA, PMI-RMP, CGEIT, GRCP, FAIR or comparable certifications. 
  • Solid grasp of common standards and frameworks, such as ISO/IEC 27K Series, IT Infrastructure Library (ITIL), COBIT, CIS Top 20, NIST SP 800 Series and CSF, and Capability Maturity Model Integration.
  • Understanding of information technology concepts and cloud computing methodologies.
  • Knowledge and understanding of Cybersecurity
  • Excellent oral and written communication skills, including the ability to explain technology solutions in business terms, establish rapport to effectively communicate security and risk-related concepts to technical and nontechnical audiences
  • Efficiently handle multiple projects at varying stages of the process.
  • Knowledge of the regulated utility business is desired.
  • Solid skills as a negotiator, to facilitate dedication to, and sign-off on, appropriate levels of residual risk from line-of-business managers.
  • High level of personal integrity, with the ability to handle confidential and otherwise critical matters professionally and with the appropriate level of judgment and maturity.
  • High degree of initiative, dependability and ability to work with little supervision.


The mental and physical descriptions are representative of the activities an employee in an office job performs. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Mental description: Understand, remember, apply oral and/or written instructions or other information, and communicate routine factual information. Apply common sense in performing job functions, usually within a set of rules or guidelines.

While performing the duties of this job, the employee continuously accesses, inputs, and retrieves electronic information and communicates regarding the information.  Employee frequently moves about the office space. Employee must be able to operate routine office equipment including computers and similar equipment. Must be able to routinely perform this work for an average of 6-8 hours per day and occasional extended hours as necessary. Must be capable of regular, reliable, and timely attendance.

Specific lifting abilities required by this job include: Light work. The employee is continuously moving about the job site or office space. Exerting up to 25 pounds of force occasionally, and/or up to 10 pounds of force frequently and/or a negligible amount of force constantly to move objects. If the use of reaching and moving controls exertion of forces greater than that for sedentary work and the worker sits most of the time, the job is rated for light work.

Work environment: Routinely perform work indoors in climate-controlled shared work area with moderate noise level.Willing to travel occasionally (less than 10 days per year) by automobile (as driver and passenger), commercial airlines, rental vehicles and public transportation and be able to lodge in public facilities. Must have proper licensing to operate a motor vehicle.

This description is not intended to be an all-inclusive list of responsibilities, duties, and requirements for employees in this position. Job descriptions may and do change periodically. Where positions are covered by a collective bargaining unit agreement, the terms and conditions of the agreement will apply.

About our Company: We are a customer, growth and safety focused utility company that is dedicated to our communities. We improve life with energy as an energy partner of choice. Our diverse culture fuels unique perspectives, opening doors to new insights and possibilities. Based in Rapid City, South Dakota, we have over 3000 employees and serve 1.3 million natural gas and electric utility customers across eight states (South Dakota, Montana, Wyoming, Colorado, Nebraska, Iowa, Kansas, and Arkansas).

Enjoy our Comprehensive Benefits Package!  Annual incentive program, 401(k) (6% company match and up to 9% company retirement contribution), tuition reimbursement, paid time off, additional Veteran PTO, paid holidays and annual floating holidays, company paid short term and long term disability, paid parental leave, health and wellness program, and competitive medical, dental and vision insurance.

Candidates must successfully pass a pre-employment drug screen and background check. 

Black Hills Energy does not sponsor applicants for work visas. All applicants must be legally authorized to work in the US.

We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, or status as a protected veteran.

Wage: 65700 to 98500
Share: mail

Thinking of Relocating?

Rapid City, South Dakota
You'll find that it is the ideal community to live, work and do business in. With hiking trails, the Black Hills, Mount Rushmore and Badlands National Park in your backyard, there are endless opportunities to enjoy nature.

IT Risk Analyst

Rapid City, SD, United States