At Bank of the West, our people are having a positive impact on the world. We’re investing where we feel we can make the most impact, like advancing diversity and women entrepreneurship programs, financing for more small businesses, and promoting programs for sustainable energy. From our locations across the U.S., Bank of the West is taking action to help protect the planet, improve people’s lives, and strengthen communities. We are part of BNP Paribas, a global leader supporting the UN Sustainable Development Goals (SDGs). Yes, we’re a bank, but as the bank for a changing world, we are continually seeking to improve the ways we help our customers, while contributing to more sustainable and equitable growth.

Job Description Summary


 

The Governance, Risk, and Compliance (GRC) Sr. Cybersecurity Risk Analyst is responsible for performing assessments of the Bank’s information security controls through inspections of policies and evidence of security and cyber-resiliency controls to validate operational effectiveness and identify gaps. Responsible for coordinating, developing, and managing controlling workflow activities and deadlines; maintaining, organizing, and gathering information. Collaborates with colleagues, management and business partners to identify risks within the Bank to enhance the security controls and protect the Bank’s sensitive data.

Essential Job Functions

  • Maintain methodology and facilitate execution of inherent and residual IT application risk assessments and other technology risk assessments.
  • Oversee/challenge risk control self-assessments (RCSAs) for risks related to the achievement of Bank of the West’s cybersecurity objectives.
  • Maintain the technology- and information-related risk management framework/taxonomy, including identification and reporting of IT risks and Key Risk Indicators (KRIs) and ensure integration with Enterprise Risk Management (ERM) framework.
  • Ensures work effort dependencies, assumptions, risks and issues are defined, documented and communicated to the appropriate lead and/ stakeholder.
  • Leads risk assessments to identify risks to security and cyber resiliency controls. Documents overall effectiveness of operational controls within the Bank.
  • Track and report Cybersecurity maturity against NIST Cybersecurity Framework (CSF) and FFIEC CAT.
  • Directs, counsels, and instructs Jr Analysts assigned to assist on GRC projects and review their work for technical proficiency, reasonableness and adequacy of documentation
  • Reviews internal and external security and technical processes (audit, vulnerability and penetration test results, cyber resiliency plans, etc.) to validate the effectiveness of operational controls.

#LI-WJ1


Required Experience

Education

  • Bachelor's Degree Business, Computer Science, Information Assurance, Management Information Systems or related field

Work Experience  

  • 7 years in Risk Management, Business Analytics, Information Security, IT Audit, or related field.
  • Prior IT audit experience in public accounting or internal audit preferred

Skills

  • CISA, CISM, CRISC or CISSP certification(s) required
  • Strong written and verbal communication skills for report writing, business requirement proposals, technical policies, and methodology documentation.
  • Sound interpersonal, negotiation, and influencing skills; ability to facilitate discussions around complex issues and bring them to resolution
  • Solid analytical and problem-solving skills coupled with thoroughness and attention to detail is highly desired.
  • Good understanding of industry practices and metric reporting fundamentals.
  • Ability to adjust to rapidly changing security environment, prioritize deliverables and manage workflow.
  • Ability to exercise sound judgment and make effective recommendations to management
  • Ability to optimize and condense information and transform data into easily understandable concepts.
  • Solid understanding of financial industry, risk management, and/or corporate security.
  • Basic technical skills in MS Excel, PowerPoint, Word, and Project
  • Knowledgeable in various cybersecurity areas such as: Identity and Access Management, Threat Intelligence,  Vulnerability Management, Information Risk and Governance, Security Architecture, Monitoring, Incident Response, Security Strategy, and Cyber - Resiliency.
  • Strong knowledge of security controls for the handling of Personally Identifiable Information (PII) data, regulations and security compliance requirements affecting financial institutions (FFIEC/GLBA)
  • Strong knowledge of NIST CSF highly desired.

#LI-Remote

Working Location Statement

This position has the option to work in one of our key hubs (San Ramon, CA, Tempe, AZ, Omaha, NE) or to work remotely as long as it is in within our 27 state working footprint which includes AZ, CA, CO, FL, GA, ID, IA, IL, KS, MI, MN, MO, NE, NV, NM, NC, ND, OH, OK, OR, SD, TX, UT, WA, WI, WY, NY.

The salary range displayed below is based on a Full-time 40 hour a week schedule.

COLORADO 

Salary Range: $95,000 - $105,000 (Salary offered dependent on location). May be eligible for discretionary annual incentive plan

Benefits: Visit https://www.bankofthewest.com/about-us/careers/benefits.html for benefits information.

Equal Employment Opportunity Policy



Bank of the West is an Equal Opportunity employer and proud to provide equal employment opportunity to all job seekers without regard to any status protected by applicable law. Bank of the West is also an Affirmative Action employer - Minority / Female / Disabled / Veteran.

Bank of the West will consider for employment qualified applicants with criminal histories pursuant to the San Francisco Fair Chance Ordinance subject to the requirements of all state and federal laws and regulations.
Primary Location
United States-Nebraska-General NE
Job Type
Full-time
Job
Security
Reference
063377

Découvrez les métiers de BNP Paribas : Audit, Conformité, Risques et Juridique

Le paysage réglementaire de notre secteur évolue rapidement et nous nous devons d’être irréprochables ! Pour exercer un métier à fortes responsabilités et prendre part à des décisions stratégiques pour le bon fonctionnement de BNP Paribas, découvrez les opportunités offertes dans les métiers de l’audit, de la conformité, des risques et du juridique.

En savoir plus

Pourquoi je candidaterais ?

Pour quelles raisons je rejoindrais BNP Paribas et pas une autre entreprise ?

Parce que je souhaite...

  • Et si on vous disait que travailler dans notre Groupe, ce n’est pas ce que vous croyez ? Chez BNP Paribas, on exerce une multitude de métiers qui évoluent en permanence pour être en phase avec les attentes des clientes et clients comme de la société.

  • Se sentir bien dans son job, c’est avant tout venir travailler comme on est.  C’est aussi avoir les moyens d’un bon équilibre entre sa vie professionnelle et sa vie personnelle. Deux engagements majeurs pour BNP Paribas.

  • Chez BNP Paribas, le développement de vos compétences est essentiel, pour vous comme pour nous. Et cela vous servira pour toute votre vie professionnelle.

En savoir plus