Bank of the West Sr Cybersecurity Analyst - GRC in Omaha, Nebraska
Sr Cybersecurity Analyst - GRC
What sets Bank of the West apart from other banks is our team members–they embody the optimistic spirit of the West. There is a spirit here that drives us to do more. Our team of more than 10,000 employees is vital to the success of our Bank. They reflect our modern western values—straightforward, entrepreneurial and optimistic. We seek to create a corporate culture that fosters and rewards excellence, encourages creative thinking and respects diversity – an environment where team members are engaged, supportive of one another and enthusiastic about serving our customers. Bank of the West offers the stability of a company that has a 135 year history and is part of BNP Paribas, a European leader in global banking and financial services and one of the 6 strongest banks in the world. We offer opportunities across our diverse business lines – Retail Banking, Commercial Banking, National Finance, and Wealth Management.
Risk and Compliance (GRC) Sr. Cybersecurity Analyst is responsible for
performing audits of the Bank’s information security controls through desktop
reviews and inspections of policies, audit reports, and evidence of security
and business resiliency controls to validate operational effectiveness and
identify gaps. Responsible for coordinating, developing, and managing
controlling workflow activities and deadlines; maintaining, organizing, and
gathering information. Collaborates with colleagues, management and business
partners to identify risks within the Bank to enhance the security controls and
protect Bank sensitive data.
Creates and manages the appropriate artifacts throughout theinitiative lifecycle of Corporate Security’s efforts.
Ensures work effort dependencies, assumptions, risks and issuesare defined, documented and communicated to the appropriate lead and/stakeholder.
Leads risk assessments to identify risks to security and businessresiliency controls. Documents overall effectiveness of operational controlswithin the Bank.
Leads audits of the Bank’s IT and Security controls to assess theeffectiveness.
Directs, counsels and instructs Jr Analysts assigned to assist on GRCprojects and review their work for technical proficiency, reasonableness andadequacy of documentation
Reviews internal and external security and technical test reports(audit, vulnerability and penetration test results, business resiliency Plans,etc.) to validate the effectiveness of operational controls.
High School Diploma or GEDRequired
Bachelor's Degree Business,Computer Science, Information Assurance, Management Information Systems orrelated field
3 - 5 years in Risk Management,Business Analytics, Information Security, IT Audit, or related field.
Prior IT audit experience inpublic accounting or internal audit preferred
CISA, CISM, CRISC or CISSPcertification(s) required
Strong written and verbalcommunication skills for report writing, business requirement proposals,technical policies, and methodology documentation.
Sound interpersonal,negotiation, and influencing skills; ability to facilitate discussionsaround complex issues and bring them to resolution
Solid analytical andproblem-solving skills coupled with thoroughness and attention to detailis highly desired.
Good understanding of industrypractices and metric reporting fundamentals.
Ability to adjust to rapidlychanging security environment, prioritize deliverables and manageworkflow.
Ability to exercise soundjudgment and make effective recommendations to management
Ability to optimize andcondense information and transform data into easily understandableconcepts.
Solid understanding offinancial industry, risk management, and/or corporate security.
Basic technical skills in MSExcel, PowerPoint, Word, and Project Knowledgeable in variouscybersecurity areas such as: Identity and Access Management, Threat andVulnerability Management, Information Risk and Governance, ITArchitecture, Monitoring, Incident Response and Security Strategy, PhysicalSecurity and/or Business Resiliency.
Good knowledge of securitycontrols for the handling of Personally Identifiable Information (PII)data, regulations and security compliance requirements affecting financialinstitutions (FFIEC/GLBA)
Familiar with assessmentframeworks/standards (i.e. ISO/27000 Series, BITS SIG/SAS-70/SSAE-16,COBIT/SOX IT Control Testing, NIST, PCI-DSS
Equal Employment Opportunity Policy
Bank of the West is an Equal Opportunity employer and proud to provide equal employment opportunity to all job seekers without regard to any status protected by applicable law. Bank of the West is also an Affirmative Action employer - Minority / Female / Disabled / Veteran.
Bank of the West will consider for employment qualified applicants with criminal histories pursuant to the San Francisco Fair Chance Ordinance subject to the requirements of all state and federal laws and regulations.
Location: United States-Nebraska-Omaha
Requisition ID: 040412