First Citizens Bank

Compensation

Full Description

Overview This is a remote role that may be hired in several markets across the United States. We are seeking an experienced cybersecurity risk professional to report to the Director of Cyber Operations Risk Oversight. This role is critical in implementing and advancing oversight of a robust cybersecurity risk framework, ensuring alignment with regulatory requirements and corporate objectives. The ideal candidate will have demonstrated experience in risk management frameworks and a strong background in cybersecurity and technology risk, including performing targeted risk reviews, data analysis, and risk reporting. This position requires strong initiative, strategic thinking, and collaboration skills to support risk management efforts across the bank. This role has key responsibilities for implementing organizational change through the development and execution of Enterprise Risk Management (ERM) and Operational Risk Management (ORM) frameworks. • Executes monitoring activities for cybersecurity metrics, data, and reporting that enhances the identification of risk • Responsible for the review and effective challenge of issues, new products and services, enterprise standards, and material risk-related efforts. • Develops collaborative, influential relationships in the business, First Line risk teams and other ORM teams to enhance cross-functional risk management capabilities. Responsibilities • Risk Management • Conducts targeted risk reviews to identify and evaluate potential security risks in enterprise cyber processes and systems • Prepares written effective challenge memos for issues, new products and services, enterprise standards, and material risk-related efforts to ensure key risks are identified and dispositioned to limit organizational risk. • Monitors and evaluates the effectiveness of implemented controls, contributes to recommendations for control improvements, and monitors control failures through remediation. • Analyzes complex issues and develops risk mitigation strategies in alignment with broader organizational goals. • Identifies and escalates emerging risk through execution of the bank’s risk management frameworks. • Stays current on emerging cybersecurity risks, regulatory updates, and industry trends • Business Support • Provides risk expertise and support for business programs and initiatives. • Serves as an advisor on risk best practices, processes and regulatory requirements. • Establishes and maintains strong relationships with stakeholders across cross-functional teams to ensure compliance with legal, compliance and regulatory standards. Qualifications • Bachelor's Degree and 6 years of experience in Enterprise Risk or Operational Risk, and Project Management or Internal/External Consulting OR High School Diploma or GED and 10 years of experience in Enterprise Risk or Operational Risk, and Project Management or Internal/External Consulting Preferred Qualifications • Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA) • At least 4 years of experience in cyber or technology risk management, internal audit, or regulatory governance in a large-scale financial institution or big four public accounting firm • Strong written and oral communication skills with the ability to influence both technical and non-technical audiences • Knowledge of risk techniques, practices, and risk and process frameworks such as COBIT, COSO, NIST CSF, FFIEC CAT • Expertise with MS-Office suite (e.g., Excel, PowerPoint, Word) • Exposure to Archer GRC platform This job posting is expected to remain active for 5 days from the initial posting date listed above. If it is necessary to extend this deadline, the posting will remain active as appropriate. Job postings may come down early due to business need or a high volume of applicants. The base pay for this position is generally between $145,000 and $165,000. Actual starting base pay will be determined based on skills, experience, location, and other non-discriminatory factors permitted by law. For some roles, total compensation may also include variable incentives, bonuses, benefits, and/or other awards as outlined in the offer of employment. First Citizens benefits programs are designed to meet our associates where they are in life. Full-time associates (20+ hours) are offered a comprehensive benefits program, with customized offerings, including those designed to support families, however defined. More information regarding our benefits offerings can be found here: https://jobs.firstcitizens.com/benefits