This position provides cybersecurity risk management and expert support at the highest level of cybersecurity governance and oversight for Cyber processes, risks and controls. Creates methods to evaluate potential losses, and develops high-impact solutions to minimize or eliminate risk. Recommends and monitors enhancements to current processes and procedures, performing analysis and reporting in support of strategic objectives. Serves as a resource and may provide a leadership role for the work group through knowledge in the area of specialization.

• Risk Identification and Monitoring - Leads the design and implementation of process evaluation methods, and the development of expert solutions to address identified risks. Works closely with management to ensure risk strategies are effective and compliant. May involve creation, evaluation, and execution of targeted risk assessments to evaluate risk conditions. Maintains a strong knowledge of cybersecurity risk management developments or changes within the organization, industry, and market.
• Reporting - Produces reports based on risk management assessments, data analysis, company trends, and risk factors. Conveys root cause analysis, patterns, problems, and areas of improvement. Enables insight into potential risk exposure, losses and mitigation of identified risks through reporting activities.
• Business Support - Supports cybersecurity processes through a variety of escalated operational tasks. Develops, implements, and ensures continuous improvement of procedures. Acts as a resource to provide guidance to management, including production of documentation, presentations, or other materials to educate on risk policies and procedures. Handles complex technical matters and participates in special projects.
• Remote eligible.
• The base pay for this position is relative to your experience but the range is generally $94,432.00 to $163,682.00 per year. This position is eligible for variable compensation, which may be in the form of incentive, bonus, or commission pay. First Citizens offers a competitive, comprehensive benefits program which you can review here: https://jobs.firstcitizens.com/benefits.

• Bachelor's Degree and 4 years of experience in Cyber Risk management, or Cyber Risk Oversight OR High School Diploma or GED and 8 years of experience in Risk management, or financial analysis, or statistical modeling

Requirements:

• Experience identifying information security risk and partners with key stakeholders to monitor, reduce or eliminate risk
• Experience conducting risk and control activities per the Enterprise Risk Management Program and Regulatory requirements
• Experience executing cyber risk management procedures for required assessments, open high risks, root cause analysis, action plan development, remediation documentation and monitoring
• Experience reviewing emerging risks concerns and provides early warning indicators on key risks
• Impeccable written and oral communication skills with ability to influence strategic objectives

Preferred Qualifications:

• 7-10 years of experience in risk management leading risk assessments (FFICE CAT, GLBA, NIST CSF, PCI, ISO, Cyber Security Management)
• 3+ years of experience at Large Financial Institution
• CISSP, CISA, CISM or CRISC certification
• Broad knowledge and understanding of cybersecurity risks and controls, including a strong understanding of IT infrastructure, cloud computing, mobile technologies, and cybersecurity technologies.
• Extensive knowledge and subject matter expertise in managing cybersecurity risk in an institutional setting including the related rules and regulations of the financial services industry to include applicable Interagency Guidance, NIST, CSA, FFIEC, OCC, FRB, state law and other pertinent regulations.
• In-depth practical knowledge of internal controls, risk assessments and operational and cybersecurity processes, and applicable techniques for implementation of regulatory, cybersecurity, and legal requirements and operational processes.
• Strong project management and/or continuous improvement skills.