IT Risk

IT RISK & CONTROL ASSOCIATE ANALYSTWHAT IS THE OPPORTUNITY?"The IT Risk Controls Associate Analyst is a subject-area specialist with specialized training, methods and analytic techniques to create recommendations and directions for cyber risk mitigation in a complex technical environment. Focus areas of security assessment by the ITRC Security Associate Analyst includes third party security and overall security program effectiveness in mitigating risk. The ITRC Associate 's goal to create actionable information for IT and business leadership, and to provide objective assessment of cyber security risks for auditors, regulators and external parties. This requires routinely authoring detailed reports and gathering metrics ensure stakeholders receive accurate and complete information. The ITRC keeps abreast of external cyber security trends, technologies and cyber risk management approaches, and often works with other teams on cyber risk-related initiatives to provide subject-matter recommendations and guidance to achieve a posture within the bank's overall risk appetite. Developing professional expertise and continues to acquire higher levels of knowledge and skill in own disciplineWorks on problems of limited to moderate scope where analysis of situations or data may be required."WHAT WILL YOU DO?Define analysis objectives, collect data from internal and external sources, and evaluate/analyze data to provide objective information on cyber risks for IT and business management with both summary and detailed reportingAssess risk within-subject specialty area to evaluate the design and effectiveness of security controlsProvide insight and guidance to IT software and hardware upgrades and other projects to ensure production environments meet and exceed minimum security standards and will effectively counter cyber threatsCreate new and maintain process and procedural documentation for various risk analysis and risk assessment activities; Highlight industry-based methodologies, techniques, or standards (FAIR, NIST, FFIEC, etc.) used as the basis for analysis effortsParticipate in other security support projects and duties as needed or requestedWHAT DO YOU NEED TO SUCCEED?Required Qualifications*Bachelor's Degree or equivalentMinimum of 1 year experience in Information/Cyber Security field or equivalent training in cyber security operations, incident response, risk analysis or investigationsAdditional QualificationsDemonstrated experience analyzing complex cyber security data sets within subject area specialtyDemonstrated knowledge of cyber security landscape -- threats, trends, technologiesDemonstrated knowledge of financial regulation and control frameworks applicable to cyber security or IT riskExcellent communication and interpersonal skills. Including a strong ability to create positive and professional business relationships with internal clients.Strong commitment to working as a team and providing excellent customer service.Exposure to banking or equivalent highly controlled technology environment is preferredMasters' degree in business, computer science or related field preferredSecurity certifications (CISSP, GSEC, etc.) are highly desired.Demonstrated experience with Industry or subject specific analysis or assessment frameworks is highly desired (FAIR, NIST CSF, etc.)Experience in banking/financial industry is strongly preferredFormalized training in cyber security analysis or assessment techniques""Demonstrated experience analyzing complex cyber security data sets within subject area specialtyDemonstrated knowledge of cyber security landscape -- threats, trends, technologiesDemonstrated knowledge of financial regulation and control frameworks applicable to cyber security or IT riskExcellent communication and interpersonal skills. Including a strong ability to create positive and professional business relationships with internal clients.Strong commitment to working as a team and providing excellent customer service.Exposure to banking or equivalent highly controlled technology environment is preferredMasters' degree in business, computer science or related field preferredSecurity certifications (CISSP, GSEC, etc.) are highly desired.Demonstrated experience with Industry or subject specific analysis or assessment frameworks is highly desired (FAIR, NIST CSF, etc.)Experience in banking/financial industry is strongly preferredFormalized training in cyber security analysis or assessment techniquesWHAT'S IN IT FOR YOU?CompensationStarting base salary: $65,000 - $95,000 per year. Exact compensation may vary based on skills, experience, and location. This job is eligible for bonus and/or commissions.Benefits and PerksAt City National, we strive to be the best at whatever we do, including the benefits and perks we offer our colleagues including:Comprehensive healthcare coverage, including Medical, Dental and Vision plans, available the first of the month following start dateGenerous 401(k) company matching contributionCareer Development through Tuition Reimbursement and other internal upskilling and training resourcesValued Time Away benefits including vacation, sick and volunteer timeSpecialized health and family planning benefits including fertility benefits, and cancer, diabetes and musculoskeletal support programsCareer Mobility support from a dedicated recruitment teamColleague Resource Groups to support networking and community engagementGet a more detailed look at our Benefits and Perks.ABOUT USSince day one we've always gone further than the competition to help our clients, colleagues and communities flourish. City National Bank was founded in 1954 by entrepreneurs for entrepreneurs and that legacy of integrity, community and unparalleled client relationships continues today. City National is a subsidiary of Royal Bank of Canada, one of North America’s leading diversified financial services companies. To learn more about City National and our dynamic company culture, visit us at About Us.INCLUSION AND EQUAL OPPORTUNITY EMPLOYMENTCity National Bank fosters an inclusive environment where all forms of diversity are valued and leveraged to make us a better company and employer. We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, disability, veteran status or other basis protected by law.It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.*Represents basic qualifications for the position. To be considered for this position, you must at least meet the required qualifications. careers.cnb.com accepts applications on an ongoing basis, until filled. Unless otherwise indicated as fully remote, reporting into a designated City National location is an essential function of the job.