Business Unit Risk Advisor I - Cyber Data Protection (DP)

Truist Bank•Raleigh, NC

1d•Onsite

About The Position

The Cyber Data Protection (DP) Business Unit Risk Advisor I serves as a first line of defense partner to Business Unit (BU) leadership, providing end to end risk management support for the Risk Management Organization (RMO). This role executes, facilitates, and monitors risk program requirements—such as RCSA, KRIs, and other control activities—for Data Protection while offering risk guidance and influence to assigned business areas. Key responsibilities include identifying existing and emerging cyber and operational risks, assessing their potential impact, supporting mitigation or acceptance decisions, and developing effective monitoring processes. The advisor also aggregates and reports BU risks, identifies weaknesses stemming from processes, people, systems, or external events, and opines on appropriate remediation to ensure timely and effective resolution. The ideal candidate brings formal risk management experience along with a foundational understanding of cybersecurity disciplines, including Cyber Operations, Cyber Technology, Data Loss Prevention, Encryption, and Data Classification Scanning & Tagging.

Requirements

Bachelor’s degree in Accounting, Business, Finance or related field, or equivalent education and related training.
6+ years of experience in a financial institution with emphasis on risk management or equivalent work experience and training, and/or equivalent education, training and experience.
Experience in compliance and operational risk mitigation and remediation.
Strong communication, interpersonal, presentation and negotiation skills.
Proven leadership and management skills.
Strong analytical, problem solving and decision-making skills in complex environments and with senior leadership.
Strong time management and organizational skills adaptable to a dynamic and complex work environment; Capable of handling multiple projects concurrently.
Demonstrated proficiency in basic computer applications, such as Microsoft Office software products.
Ability to travel, occasionally overnight.

Responsibilities

Serve as the Data Protection risk Subject Matter Expert (SME), providing guidance on regulations, policies, privacy‑by‑design principles, data‑handling obligations, and risk program requirements.
Partner with first- and second-line teams to identify, assess, escalate, and remediate risk control gaps; ensure alignment with Enterprise Risk Management standards.
Participate in designing new controls, support control testing, validation, and tuning.
Assess and challenge existing portfolio of Business Unit controls, identify weaknesses, and evaluate remediation efforts for adequate resolution.
Monitor KPIs/KRIs related to Data Protection; escalate deficiencies and open Management Self‑Identified Issues (MSIs) when necessary.
Review and challenge Data Protection model updates, detection strategies, and risk decisions to ensure alignment with risk appetite and industry trends.
Aggregate, analyze, and communicate risk results to stakeholders; escalate material concerns to BU leaders and governance committees.
Oversee adherence to risk appetite limits, including risk identification, prioritization, and acceptance for current and emerging risks.
Provide risk management expertise for strategic initiatives; promote consistent practices and support a strong privacy and risk culture across the enterprise.
Monitor, report, and maintain processes related to emerging risks, regulatory expectations, and enterprise risk‑monitoring requirements.
Coordinate and prepare materials for regulatory exams, audits, working groups, and committee meetings.
Develop and maintain strong relationships with first-, second-, and third‑line partners; collaborate on risk documentation, remediation plans, monitoring, and closure validation.
Conduct root-cause analysis for control weaknesses or threshold breaches; identify governance exceptions, issues, and controls for an aggregate risk view.
Communicate and present risk materials in various forums; provide training and awareness to promote positive risk management behaviors.
Deliver regular risk reporting to drive visibility into holistic risk exposure.
Perform additional activities and special projects as required.

Benefits

All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position.
Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates.
Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays.
For more details on Truist’s generous benefit plans, please visit our Benefits site.
Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan.
As you advance through the hiring process, you will also learn more about the specific benefits available for any non-temporary position for which you apply, based on full-time or part-time status, position, and division of work.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume