Company: City National Bank
Location: NC
Career Level: Associate
Industries: Banking, Insurance, Financial Services
Description
CYBER & TECHNOLOGY RISK LEAD
WHAT IS THE OPPORTUNITY? The Cyber and Technology Risk Lead will identify, analyze and report enterprise technology & cyber risks for IT Risk management (ITRM) and Technology and Cyber security leadership. This role can be an individual contributor or serve as a team lead over a small group of SMEs. The primary focus of this role is to provide thought leadership and guidance on the current technological environment (systems, processes, and controls) related to best practices and regulatory requirements commensurate of large financial institutions to aide the bank maintain a high level of risk focus and drive actions to ensure risk reduction is managed within defined limits. The Manager will also perform challenge and oversight of the First Line of Defense as a member of the Second Line of Defense, and will provide advice and guide, engage and stayed informed and collect and report information to help provide effective and proactive identification of technology risks. The work product will be shared with the Audit and Risk Committee, Royal Bank of Canada, and CNB's regulators. Position will also perform quantitative and qualitative analysis to support the prioritization of risk mitigation projects, measure progress of technology risk reduction initiatives, and identify areas with high residual risk.
What you will do
- Oversee the identification and execution of IT & Cyber risk assessments leveraging defined IT and Operational Risk Mgmt. practices through independent review and challenge of the technology businesses management practices and the testing of controls. Coverage can include but is not limited to applications, databases, and infrastructure.
- Ensure our credible and timely challenge and oversight of the first line of defense (the business functions) as a member of the second line of defense.
- Perform independent categorization and aggregation of technology risks identified by the first line of defense, and provide a thematic view of risk across the enterprise.
- Helps to develop and communicate key messages to Senior Managers/Leaders and Regulators (Office of Comptroller of the Currency (OCC); Federal Reserve Board (FRB etc.)
- Coordinate with business and technology business units to ensure controls are effective and appropriately address the relevant regulatory and security requirements.
- Translate complex technology and cyber risks into clear, easily understood language that can be understood by both technical and non-technical audiences.
- Provide briefings and communications on technology risk issues for a variety of internal and external stakeholders.
- Coordinate with other compliance functions – like Audit, Legal, Enterprise Risk, and Privacy to be aware and assess relevant regulatory requirements that relate to our technology and cyber practices.
- Supervise staff and provide guidance on deliverables and projects as needed
Must-Have*
- Bachelor's Degree or equivalent
- Minimum 10 years of experience working in Cyber and Technology & Cyber field
- Minimum 3 years of experience in Technology Risk Mgmt. role or equivalent experience in a consulting capacity
Skills and Knowledge
- Experience working for a bank or financial institution or equivalent experience in a consulting capacity
- Strong preference for experience in the technology and cyber profession within the first line of defense at some point in your career. E.g. development, infrastructure, or cyber and technology risk oversight
- Prefer experience with internal control frameworks for information technology, information security, IT governance frameworks, and conducting and analyzing cyber and technology risk assessments
- Demonstrate knowledge and aptitude for methods for scoring, calculating, and quantifying risk
- Prefer certifications: CISSP, CISA, CSIM, CGEIT, CRISC, FAIR or related certifications
- Experience analyzing and applying regulatory requirements (ex, FFIEC) and security practices associated with NIST/CRI, ITIL, COBIT and/or related other industry standard best practices
- Experience in evaluating controls for design effectiveness, operating effectiveness, and efficiency
- Must be able to effectively articulate ideas through verbal and written communications
- Experience with MS Excel, Word, PowerPoint, and eGRC systems, such as Archer or RSAM
- Demonstrated ability to lead and execute across a range of businesses and functions with differing issues and interdependencies
*To be considered for this position you must meet at least these basic qualifications
The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.
Benefits and Perks At City National, we strive to be the best at whatever we do, including the benefits and perks we offer our colleagues. Get an inside look at our Benefits and Perks.
INCLUSION AND EQUAL OPPORTUNITY EMPLOYMENT
City National Bank is an equal opportunity employer committed to diversity and inclusion. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status or any other basis protected by law.'
ABOUT CITY NATIONAL
We start with a basic premise: Business is personal. Since day one we've always gone further than the competition to help our clients, colleagues and community flourish. City National Bank was founded in 1954 by entrepreneurs for entrepreneurs and that legacy of integrity, community and unparalleled client relationships continues to drive phenomenal growth today. City National is a subsidiary of Royal Bank of Canada, one of North America's leading diversified financial services companies.
Apply on company website
Find Connections via Linkedin
