Description
IT RISK & CONTROL SENIOR ANALYST WHAT IS THE OPPORTUNITY? The IT Risk Senior Analyst is a subject-area specialist with specialized training, methods and analytic techniques to create recommendations and directions for cyber risk mitigation in a complex technical environment. ITRM Security Senior Analyst will conduct fit for purpose review and challenges of internal IT controls to ensure consistency with internal policies and standards. Additionally, conduct process/risk/control (PRC) reviews to evaluate and overall control program effectiveness in mitigating risk. The ITRM Senior Analyst's goal is to create actionable information for IT and business leadership, and to provide objective assessment of cyber security controls for auditors, regulators and external parties. This requires routinely performing review and challenge reviews against 1LOD testing practices specific to T&I controls, authoring detailed reports and gathering metrics ensure stakeholders receive accurate and complete information. The ITRM Senior Analyst keeps abreast of external cyber security trends, technologies and cyber risk management approaches, and often works with other teams on cyber risk-related initiatives to provide subject-matter recommendations and guidance to achieve a posture within the bank's overall risk appetite. This is an advanced senior professional with wide range of experience who uses professional concepts and to resolve complex issues in creative and effective ways. Serves as an expert in own discipline or area of specialization, works on complex issues where analysis of situations or data requires an in-depth evaluation of variable factors WHAT WILL YOU DO?
- Perform fit for purpose review and challenges specific to IT (T&I) controls tested by 1LOD Testing team against Governing Principles and applicable Policies and Standards. Reviews are specific to Test of Design (ToD) and Test of Effectiveness (ToE).
- Provide guidance to 1LOD colleagues to ensure testing practices meet internal standards.
- Conduct Process/Risk and Control (PRC) reviews against IT control descriptions to ensure they meet requirements.
- Support regulatory requirements and deliverables as needed.
- Define analysis objectives, collect data from internal and external sources, and evaluate/analyze data to provide objective information on cyber risks for IT and business management with both summary and detailed reporting
- Participate in other projects and duties as needed or requested
- Bachelor's Degree or equivalent
- Minimum of 12 years' experience in Information/Cyber Security field
- Minimum of 6 years' experience in cyber security operations, incident response, IT risk management or investigations
- Demonstrated experience analyzing IT control testing attributes and evidence to properly evaluate and conclude control effectiveness
- Prior IT Control Audit experience is strongly preferred
- Experience in banking/financial industry specific to technology is strongly preferred
- Demonstrated knowledge of financial regulation and control frameworks applicable to cyber security or IT risk
- Demonstrated experience with Industry or subject specific analysis or assessment frameworks is highly desired (FAIR, NIST CSF, etc.)
- Demonstrated knowledge of cyber security landscape -- threats, trends, technologies
- Excellent communication and interpersonal skills. Including a strong ability to create positive and professional business relationships with internal clients.
- Strong commitment to working as a team and providing excellent customer service.
WHAT'S IN IT FOR YOU? Compensation Starting base salary: $101,231 - $172,355 per year. Exact compensation may vary based on skills, experience, and location. This job is eligible for bonus and/or commissions.
Benefits and Perks At City National, we strive to be the best at whatever we do, including the benefits and perks we offer our colleagues including:
- Comprehensive healthcare coverage, including Medical, Dental and Vision plans, available the first of the month following start date
- Generous 401(k) company matching contribution
- Career Development through Tuition Reimbursement and other internal upskilling and training resources
- Valued Time Away benefits including vacation, sick and volunteer time
- Specialized health and family planning benefits including fertility benefits, and cancer, diabetes and musculoskeletal support programs
- Career Mobility support from a dedicated recruitment team
- Colleague Resource Groups to support networking and community engagement
ABOUT US Since day one we've always gone further than the competition to help our clients, colleagues and communities flourish. City National Bank was founded in 1954 by entrepreneurs for entrepreneurs and that legacy of integrity, community and unparalleled client relationships continues today. City National is a subsidiary of Royal Bank of Canada, one of North America's leading diversified financial services companies. To learn more about City National and our dynamic company culture, visit us at About Us.
INCLUSION AND EQUAL OPPORTUNITY EMPLOYMENT City National Bank fosters an inclusive environment where all forms of diversity are valued and leveraged to make us a better company and employer. We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, disability, veteran status or other basis protected by law.
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
*Represents basic qualifications for the position. To be considered for this position, you must at least meet the required qualifications. careers.cnb.com accepts applications on an ongoing basis, until filled.
#CA-DK
#LI-DK
Apply on company website
Find Connections via Linkedin
