Job Description
At Bank of the West, our people are having a positive impact on the world. We’re investing where we feel we can make the most impact, like advancing diversity and women entrepreneurship programs, financing for more small businesses, and promoting programs for sustainable energy. From our locations across the U.S., Bank of the West is taking action to help protect the planet, improve people’s lives, and strengthen communities. We are part of BNP Paribas, a global leader supporting the UN Sustainable Development Goals (SDGs). Yes, we’re a bank, but as the bank for a changing world, we are continually seeking to improve the ways we help our customers, while contributing to more sustainable and equitable growth.
Job Description Summary
FOR GRC & SECUIRITY THIRD PARTY PROVIDER: Responsible for performing analysis of the third party providers through desktop reviews and inspections of policies, audit reports, and evidence of security and business resiliency controls to validate operational effectiveness and identify gaps. Responsible for coordinating, developing, and managing controlling workflow activities and deadlines; maintaining, organizing, and gathering information; and coaching peers on assigned tasks. Collaborates with colleagues, management and business partners to identify risks within the Third Party Providers to enhance the security controls and protect Bank sensitive data.
FOR OTHER: Responsible for managing Security initiatives. Scope of initiatives may include (but is not limited to) optimizing process, conducting risk assessments, partnering with management to define the strategic roadmap for security awareness and training program, managing of compliance and regulatory efforts, or identifying emerging solutions. Manage the development of project plans and business requirements to support cybersecurity objectives. Responsible for coordinating, developing, and managing to deadlines. May coach peers on assigned tasks.
Essential Job Functions
- Creates and manages the appropriate artifacts throughout the initiative lifecycle of Corporate Security’s efforts.
- Ensures work effort dependencies, assumptions, risks and issues are defined, documented and communicated to the appropriate lead and/ stakeholder.
- Conducts risk assessments to identify risks to security and business resiliency controls. Documents overall effectiveness of operational controls within the Bank and/or Third Party Providers.
- Conducts desk reviews and inspection of security assessments for the Bank and/or Third Party Providers.
- Reviews internal and external security and technical test reports (audit, vulnerability and penetration test results, business resiliency Plans, etc.) to validate the effectiveness of operational controls.
- Facilitates and manages risk assessments and /or security initiatives from communication, approval and report distribution to key stakeholders, business units and management.
- Facilitates and manages risk assessments and /or security initiatives from communication, approval and report distribution to key stakeholders, business units and management.
Other Job Duties
- Research industry trends and best practices. Keeping abreast of all industry trends and emerging cybersecurity threats.
Job Qualifications
Education
- High School Diploma or GED Required
- Bachelor's Degree Business, Computer Science, Information Assurance, Management Information Systems or related field
Skills
- Strong written and verbal communication skills for report writing, business requirement proposals, technical policies, and methodology documentation.
- Sound interpersonal, negotiation, and influencing skills; ability to facilitate discussions around complex issues and bring them to resolution
- Solid analytical and problem-solving skills coupled with thoroughness and attention to detail is highly desired.
- Good understanding of industry practices and metric reporting fundamentals.
- Ability to adjust to rapidly changing security environment, prioritize deliverables and manage workflow.
- Ability to exercise sound judgment and make effective recommendations to management
- Ability to optimize and condense information and transform data into easily understandable concepts.
- Solid understanding of financial industry, risk management, and/or corporate security.
- Basic technical skills in MS Excel, PowerPoint, Word, and Project Knowledgeable in various cybersecurity areas such as: Identity and Access Management, Threat and Vulnerability Management, Information Risk and Governance, IT Architecture, Monitoring, Incident Response and Security Strategy, Physical Security and/or Business Resiliency.
- Good knowledge of security controls for the handling of Personally Identifiable Information (PII) data, regulations and security compliance requirements affecting financial institutions (FFIEC/GLBA)
- Familiar with assessment frameworks/standards (i.e. ISO/27000 Series, BITS SIG/SAS-70/SSAE-16, COBIT/SOX IT Control Testing, NIST, PCI-DSS
Equal Employment Opportunity Policy
Bank of the West is an Equal Opportunity employer and proud to provide equal employment opportunity to all job seekers without regard to any status protected by applicable law. Bank of the West is also an Affirmative Action employer - Minority / Female / Disabled / Veteran.
Bank of the West will consider for employment qualified applicants with criminal histories pursuant to the San Francisco Fair Chance Ordinance subject to the requirements of all state and federal laws and regulations.
Primary Location
United States-California-General CA
Job
Security
Job Posting
May 3, 2022, 6:01:33 PM