The bank for a changing world

We are looking for

Principal Technology Risk Analyst/ Program Manager- Operational Resilience

Apply REF: 049094

At Bank of the West, our people are having a positive impact on the world. We’re investing where we feel we can make the most impact, like advancing diversity and women entrepreneurship programs, financing for more small businesses, and promoting programs for sustainable energy. From our locations across the U.S., Bank of the West is taking action to help protect the planet, improve people’s lives, and strengthen communities. We are part of BNP Paribas, a global leader supporting the UN Sustainable Development Goals (SDGs). Yes, we’re a bank, but as the bank for a changing world, we are continually seeking to improve the ways we help our customers, while contributing to more sustainable and equitable growth.


Purpose Statement

The incumbent will be responsible to lead all ICT aspects of Operational Resilience including proving ‘events’ within a defined process that the bank's technology infrastructure, applications and services meet the internal and external resilience requirements and evolving regulatory demands and directions. This role will focus on the general resilience of our systems, making sure we have the capability to withstand incidents and still maintain our critical services, and developing and managing scenarios exercises to prove that capability.


Job Functions:


  1. Within assignment has a broad range of independence, ensures the ICT Risk Program is working effectively to report on the LOB/support function's ICT risk posture and rein in excessive risks/risky activities.

  2. Undertakes transversal & vertical assessments of exposures, identifying ICT risks, evaluating their potential impact and reviewing the strengths and weaknesses of existing controls.

  3. Work with other risk functions to develop and implement controls that mitigate risks.

  4. Once the controls are in place, continues to monitor control compliance and the prevalent risk environment recommending incremental recommendations for improvement to ensure that exposures are kept at acceptable levels.

  5. Manage the design, delivery, testing and management of Operational Resilience frameworks, standards, associated controls and risk indicators.

  6. Manage assurance/oversight of Operational Resilience directly owned controls and in-directly owned Resilience controls and ensure these controls are tested for operational effectiveness.

  7. Contribute to the design, development and specification of new/redesigned processes, systems, information, risk controls, testing regimes, documentation and supporting materials.

  8. Support the business in identifying (through control testing) Resilience gaps in process, controls and also in remediating these.

  9. Perform relevant 2LoD thematic or issue based deep dives and oversight and risk opinion of major incidents.

  10. Manage Operational Resilience related technology and cyber risk assessments for critical third parties.

  11. Own, track and report on business continuity metrics, issue and change management actions, and post incident documentation including process improvement initiatives.

  12. Contribute to the governance and reporting of Operational Resilience to the Board and senior leadership committees.


  • Bachelor's Degree in IT, Security, Risk Management or related field
  • Master's Degree in Risk Management or IT preferred

Required Experience

  • Practitioner’s experience (10 years minimum) in the area of Information Technology
  • Significant experience (at least 7 years) in the areas of Technology Risk Management, Operational Resilience, Information Security and Crisis Management.


  • Proficiency in IT Service Management, Service Continuity domains
  • Strong Risk mindset with understanding of applicable Technology Risk and Resilience regulatory requirement
  • Experience in conducting technical risk assessments to identify ICT risks and designing mitigation controls in the areas of Information Technology and Information Security.

Equal Employment Opportunity Policy

Bank of the West is an Equal Opportunity employer and proud to provide equal employment opportunity to all job seekers without regard to any status protected by applicable law. Bank of the West is also an Affirmative Action employer - Minority / Female / Disabled / Veteran.

Bank of the West will consider for employment qualified applicants with criminal histories pursuant to the San Francisco Fair Chance Ordinance subject to the requirements of all state and federal laws and regulations.

Primary Location: United States-California-San RamonJob Type: Full-timeJob: Risk Management Reference: 049094