Risk and Controls Analyst

Career Guide

A Risk and Controls Analyst helps an organization identify what could go wrong, evaluates how well current controls prevent issues, and supports improvements that reduce financial, operational, and compliance risks. The role typically partners with business teams, audit, security, and compliance to document processes, test controls, and track fixes.

Browse All Roles

Key Responsibilities

Document key business processes and the controls that support them
Identify risks and control gaps through interviews, walkthroughs, and evidence reviews
Test controls for design quality and operating effectiveness
Support risk assessments and maintain risk and control registers
Track issues, corrective actions, and deadlines to completion
Prepare clear reports for managers and stakeholders
Coordinate with internal audit and external audit during reviews
Help improve policies, procedures, and control documentation
Monitor control changes after system or process updates
Support training and awareness on control expectations

Top Skills for Success

Risk Assessment

Control Testing

Process Mapping

Issue Management

Evidence Review

Regulatory Awareness

Policy Writing

Stakeholder Management

Clear Business Writing

Data Analysis

Attention to Detail

Project Coordination

Career Progression

Can Lead To

Senior Risk and Controls Analyst

Risk Manager

Controls Manager

Internal Audit Senior

Compliance Manager

Operational Risk Manager

Transition Opportunities

Enterprise Risk Analyst

Information Security Risk Analyst

Fraud Risk Analyst

Third Party Risk Analyst

Governance Analyst

Common Skill Gaps

Often Missing Skills

Control DesignRisk ReportingAudit ReadinessChange ManagementAutomation BasicsTool ProficiencyExecutive Communication

Development SuggestionsStrengthen fundamentals by learning how controls are designed, how evidence is evaluated, and how results are communicated. Practice writing short risk summaries with clear impact and recommended actions. Build comfort with common risk and controls tools and basic automation to reduce manual testing effort. Seek feedback from audit and compliance partners to improve clarity and consistency.

Salary & Demand

Median Salary Range

Entry LevelUSD 60,000 to 80,000

Mid LevelUSD 80,000 to 110,000

Senior LevelUSD 110,000 to 150,000

Growth Trend

Steady demand, driven by regulatory expectations, cybersecurity needs, and increased focus on operational resilience. Hiring is strongest in financial services, healthcare, technology, and regulated industries.

Companies Hiring

Major Employers

JPMorgan ChaseBank of AmericaWells FargoCitigroupGoldman SachsMorgan StanleyAmerican ExpressVisaMastercardUnitedHealth GroupCVS HealthAmazonMicrosoftGoogleDeloittePwCEYKPMG

Industry Sectors

BankingInsuranceAsset ManagementPaymentsHealthcareTechnologyRetailManufacturingEnergyProfessional Services

Recommended Next Steps

Build a portfolio of two to three examples of process maps, control descriptions, and test plans using realistic scenarios

Learn a recognized risk and controls framework and use it to structure your documentation

Improve spreadsheet skills for sampling, tracking issues, and summarizing test results

Practice concise reporting by writing one page summaries of findings and recommendations

Partner with internal audit on a project to learn evidence expectations and review standards

Volunteer to support a control update after a process or system change to gain hands on experience