About The Position

The Information Security Risk Analyst plays a critical role in supporting the Bank’s Information Security Program by assisting with policy development, administration, and procedural documentation to ensure compliance with regulatory and legal requirements as well as internal standards. This position collaborates with the Chief Risk Officer and other internal stakeholders to identify and assess business and technology risks, perform annual risk assessments for cybersecurity and information technology, and recommend enhancements to internal controls. The analyst is responsible for monitoring alerts from data loss prevention systems, conducting periodic tests, summarizing results, and providing detailed reports to stakeholders to support informed decision-making and corrective action. The analyst participates in the Bank’s Change Management Committee, helps oversee change management processes through formal testing, and assists with gap analyses and privacy risk assessments as required by state laws. The Information Security Risk Analyst actively monitors and enforces Bank policies and procedures, implements solutions to address identified risks, and fosters operational resilience and ongoing compliance with banking regulations. Additionally, the Information Security Risk Analyst analyzes risk metrics and assists in the administration of the Bank’s risk management program, communicates and interprets compliance rules and regulations to Bank employees, and researches regulatory issues as they arise. Maintains a thorough knowledge of federal and state regulations to assist in researching, preparing, implementing, maintaining, developing, and tracking Bank compliance for new and existing products and services. Implements and maintains monitoring disciplines, escalation, and reporting standards.

Requirements

  • Bachelor’s degree in law or business administration, or a related field or equivalent related experience.
  • At least 5 years in a Risk Management, Security, Audit, and/or similar role with subject matter expertise in privacy rules and regulations. A master’s degree and/or relevant certifications (e.g., CISSP or CISM) would be a plus.
  • Familiarity with security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering.
  • Excellent analytical, organizational, critical thinking, and presentation skills. Proficiency in creating and delivering presentations to various stakeholders.
  • Strong verbal and written communication skills, with experience in interacting with Board members and senior leadership; ability to communicate effectively and project a professional image when giving and taking information in writing, in person and over the phone.
  • Proven track record in implementing or significantly contributing to an information security program (or equivalent), with specific experience in banking.
  • Good interpersonal skills with the ability to effectively work with individuals and groups at all organization levels; ability to work independently and as part of a team.
  • Ability to take initiative and prioritize tasks; excellent time-management, problem-prevention, and problem-solving skills.
  • Ability to maintain confidentiality of sensitive information.
  • Proficiency in Microsoft Office and other Windows-based systems required.
  • Experience and education in meeting requirements of state and federal banking laws and regulations.

Nice To Haves

  • A master’s degree and/or relevant certifications (e.g., CISSP or CISM) would be a plus.

Responsibilities

  • Assists with the Bank’s Information Security Program, including policy administration and procedural writing.
  • Participates with the Chief Information Security Officer and/or leads internal Bank meetings and discussions as it relates to identifying security requirements using methods that may include risk and business/security impact assessments. Collaborates with internal stakeholders across sales, marketing, credit, legal, finance, compliance, operations, and executive management to integrate changes into existing business processes.
  • Assists the Chief Risk Officer in assessing and evaluating business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement through annual risk assessments of cybersecurity, information security, and information technology.
  • Collaborates with operational and business units to accurately classify consumer data, thoroughly document the application of automated decision-making models, and perform comprehensive risk assessments and reporting to ensure compliance with California law. Proactively identify gaps and drive the implementation of effective risk mitigation strategies to maintain alignment with the Bank’s tolerance for risk.
  • Conducts periodic monitoring, including summarizing results of tests and making recommendations for corrective action to address any exceptions noted.
  • Works with Chief Risk Officer to oversee the change management process, ensuring operational readiness through formal pre- and post-implementation testing. Participates as a member on the Bank’s Change Management Committee.
  • Assists Chief Technology Officer to design secure infrastructure solutions and applications, facilitating the implementation of protective and mitigating controls.
  • Coordinates BCP/DR/BIA exercises and annual updates to plans.
  • Regularly cooperates with, responds to, and collaborates on solutions to findings from external partners as engaged by the Bank to perform audits, address compliance with regulatory and compliance issues and updates, and consult on risk management issues.
  • Assists during examinations or audits (both internal and external), including following up on and assisting in resolving issues. Monitors and follows up on outstanding audit and examination findings.
  • Prepares for and ensures Board and Management approval for new initiatives, including completing necessary risk assessments.
  • Participates in security investigations and compliance reviews as requested by external auditors.
  • Monitors risk mitigation and coordinates policy and controls to ensure effective remediation steps.
  • Conducts and reports on internal investigations of possible security violations.
  • Produces reports and conducts initial review and circulates for secondary review and approval.
  • Helps to develop security awareness training programs and ensures compliance with required curriculum.
  • Reviews activity logs and reports from various data loss prevention systems to clear false positives and respond to incidents.