Senior Information Security Analyst (Remote)

Overview

As the Senior Information Security Analyst, Cyber Third-Party Risk Management (TPRM) in First Citizens Bank's Enterprise Cyber Security Office's Governance Risk and Compliance team (ECSO GRC) you will execute high-priority enterprise-level cyber initiatives, influence across the organization, and drive the implementation of our Cyber TPRM strategy. Specifically, in this position, you will collaborate closely with associates and stakeholders across all lines of defense, lines of business, and other risk management teams to perform and support the work related to further maturing risk management practices. This includes leading and implementing Cyber TPRM tools and frameworks to identify, assess, monitor and reduce third-party cyber risk across the enterprise. This role will be responsible for big picture thinking and partnering across teams to develop and support best-in-class industry risk solutions in a manner that supports innovation and protects our customers, shareholders, and associates. Your contributions will drive organizational change through risk identification, measurement, analysis, and reporting in order to better manage the company's cyber risk in an open and collaborative environment.

Responsibilities

• Design and implement new reporting and metrics that will help measure and quantify third party cyber risk across the enterprise. This will require collecting data from multiple systems and identifying new data sources and developing plans to acquire new data.
• A sound knowledge of the industry and TPRM experience will be applied to assist leadership with ongoing strategic efforts, such as: integration with surrounding functions and systems, program facilitation and reporting capabilities and associated KPIs, and implementation of additional program automation and identified development opportunities.
• Lead the development and expansion of our third-party continuous monitoring capabilities. Build integration points with other areas within Cyber and other supporting TPRM functions to provide reporting that is beneficial and helps manager third party cyber risk.

• Develop and implement new third-party oversight activities moving away from point in time assessments and identifying other ways to reduce third party risk. Identify tools currently within the organization or support the evaluation of new products.

Qualifications

Bachelor's Degree and 7 years of experience in Information Technology Security, Operations, Risk Management, or Audit OR High School Diploma or GED and 10 years of experience in Information Technology Security, Operations, Risk Management, or Audit

• Experience working directly in the Third Party Risk Management Program in a regulated industry in a position focused on driving and delivering on strategic improvements.
• Proven track record in leading large projects involving multiple stakeholders and influencing other business units to help support the successful delivery.
• Broad knowledge and understanding of cybersecurity risks and controls, including IT infrastructure, cloud computing, mobile technologies, and cybersecurity domains
• Experience with building out Third Party lifecycle activities in emerging risks such as Artificial Intelligence or new regulatory requirements.
• Proven experience in risk reporting and analytics, with strong data interpretation and communication skills.
• Strong understanding of the financial services industry, operational processes, and risk mitigation techniques.
• Possess relevant certifications such as CISSP, CISA, CISM, CRISC, CIA or equivalent

Benefits are an integral part of total rewards and First Citizens Bank is committed to providing a competitive, thoughtfully designed and quality benefits program to meet the needs of our associates. More information can be found at