Cyber Security Risk Analyst
- Los Angeles, CA
CNB is seeking an experienced Cybersecurity Risk Analyst who will identify, analyze and report enterprise technology risks for senior business, cybersecurity and information security leadership action. The Analyst will conduct quantitative and qualitative analysis to support the prioritization of tactical and strategic risk mitigation projects and measure progress of technology risk reduction initiatives. The Analyst will create presentations, briefings and communications on technology risk issues for a variety of internal and external stakeholders. The Analyst will develop, collect and report metrics and Key Risk Indicators (KRI) which provide effective, proactive identification of technology risks.
- Collect, analyze and aggregate risk assessment data to create meaningful, actionable risk information for leadership, including recommendations, findings and observations on gaps and priorities.
- Develop management reporting dashboards and presentations with risk analysis finding and conclusions, and maintain these artifacts. Elicit requirements for ad hoc reporting requests, design, develop, and run risk management reports, leveraging eGRC to the extent possible for reporting purposes.
- Analyze risk data to determine correlation with threats, vulnerabilities, business processes and apply quantified and qualified risk levels, considering CNB's risk appetite
- Determine new, and or review existing Key Risk Indicators (KRI) which can be sourced from IT systems, risk assessments, management reports, and audit artifacts. Develop, implement, and maintain all technology KRIs.
- Analyze and determine opportunities for Cybersecurity Risk Management process improvement.
- Work with appropriate risk assessment owners to communicate and articulate assessment or aggregation issues/ findings.
- Minimum 3 years of experience in cybersecurity risk assessment and analysis
- Minimum 3 years of experience with eGRC or equivalent risk or security management system
- Minimum 2 years working for a bank or financial institution
Skills and Knowledge:
- Bachelor's degree in computer science, cybersecurity, information security, or related field is preferred
- Ideal candidate will have experience with internal control frameworks for information technology, information security, IT governance frameworks, and conducting and analyzing cyber risk assessments.
- Demonstrate knowledge and aptitude for methods for scoring, calculating, and quantifying risk.
- Must be able to effectively articulate ideas through verbal and written communications.
- Experience with MS Excel, eGRC systems, such as Archer or RSAM
- Prefer certifications: CISSP, CISA, CRISC, FAIR or related certifications
City National Bank is an Equal Opportunity Employer -- Minorities/Females/Individuals with Disabilities/Veterans.
Note: This preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.
Note: Candidates should be advised that City National Bank does not pay interviewee travel expenses or relocation expenses for candidates who are hired unless previously agreed.
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
Back to top