Senior Cyber Sec Risk Analyst

City National Corporation Los Angeles , CA 90009

Posted 2 months ago

CNB is seeking an experienced Senior Cybersecurity Risk Analyst who will identify, analyze and report enterprise technology risks for executive level business, cybersecurity and information security leadership. The Senior Analyst's work product will be shared with the Audit and Risk Committee, Royal Bank of Canada, and CNB's regulators. The Senior Analyst will perform quantitative and qualitative analysis to support the prioritization of risk mitigation projects, measure progress of technology risk reduction initiatives, and identify areas with high residual risk. The Senior Analyst will create presentations, briefings and communications on technology risk issues for a variety of internal and external stakeholders. The Senior Analyst will also perform challenge and oversight of the First Line of Defense as a member of the Second Line of Defense, and will develop, collect and report metrics, Key Risk Indicators (KRI), and maintain CNB's risk register.


  • Manage the risk assessment process, ensure assessments are completed in a timely manner, are appropriately scoped, and provide assurance through management control testing, including applications, data centers, databases, and infrastructure.

  • Have primary responsibility for architecting the risk assessment system to ensure all necessary inputs, modules, and reports are implemented to automate to the extent reasonably possible.

  • Translate complex regulations into clear, easily understood regulatory requirements and desired outcomes; perform gap analysis.

  • Map regulatory requirements across regulations to identify overlapping requirements and compliance efficiencies.

  • Track regulatory compliance and maintain up to date records of requirements and corresponding mitigating controls.

  • Ensure that CNB's IT policies and standards comply with regulations; work with the Policy and Standards Committee when policies need to be updated or created.

  • Work with business units to ensure controls are effective and appropriately address the relevant regulatory and security requirements they address.

  • Complete credible challenge and oversight of the first line of defense (the business functions) as a member of the second line of defense.

  • Coordinate with other compliance functions -- like Audit, Legal, Enterprise Risk, and Privacy -- to track compliance across the organization and pool expertise on vague or complex regulatory requirements.

Basic Qualifications:

  • Minimum 7 years of experience in cybersecurity risk assessment and analysis

  • Minimum 4 years of experience with eGRC or equivalent risk or security management system

  • Minimum 4 years working for a bank or financial institution

Skills and Knowledge:

  • Bachelor's degree in computer science, cybersecurity, information security, or related field is preferred

  • Ideal candidate will have experience with internal control frameworks for information technology, information security, IT governance frameworks, and conducting and analyzing cyber risk assessments.

  • Demonstrate knowledge and aptitude for methods for scoring, calculating, and quantifying risk.

  • Must be able to effectively articulate ideas through verbal and written communications.

  • Experience with MS Excel, eGRC systems, such as Archer or RSAM

  • Prefer certifications: CISSP, CISA, CRISC, FAIR or related certifications

  • Ideal candidate will have relevant experience in an IT department along with at least 4 years in banking or financial services, or equivalent experience in a consulting capacity

  • Prior experience analyzing and applying regulatory requirements to security practices

  • Familiarity with changes and trends in the regulatory landscape

  • Demonstrated organization, facilitation, communication, and presentation skills

  • Demonstrated ability to lead and execute across a range of businesses and functions with differing issues and interdependencies

  • Experience in designing and executing management testing of key controls, evaluating controls for effectiveness and efficiency.

  • Represents basic qualifications for the position. To be considered for this position you must at least meet the basic qualifications.

Equal Opportunity/Affirmative Action Employer, Minorities/Females/Individuals with Disabilities/Veterans

Note: This preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.

Note: Candidates should be advised that City National Bank does not pay interviewee travel expenses or relocation expenses for candidates who are hired unless previously agreed.



Equal Opportunity Empl

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Sr Claims Examiner Global Cyber Risk And Privacy Liability

Markel Corporation

Posted 6 days ago

VIEW JOBS 11/11/2019 12:00:00 AM 2020-02-09T00:00 Company Information: What we look for Our exceptional and motivated employees are our greatest strength. Our employees provide the highest level of customer service and help maintain our position as a leader in the global marketplace. Markel Style The Markel Style is what makes us stand out from our competitors. It's our core value which should underpin how we do business, while influencing our behavior and performance. We are looking for people who have potential and share our passion to live the Markel Style, which is described in more detail below. If you think you have these core attributes we want to hear from you. Job Summary: This position will be responsible for the resolution of high complexity and high exposure claims. The position will have increased responsibility for decision making within their authority and work with minimal oversight. Responsibilities: * Investigate, negotiate and settle complex primary and excess policy cyber and privacy liability claims. * Investigate and analyze coverage under primary and excess cyber policies; make coverage determinations; draft routine and complex coverage correspondence; effectively communicate coverage positions to policyholders and other stakeholders; manage claims involving coverage litigation. * Manage litigation filed nationwide against insureds; appoint, direct and manage defense counsel; proactively work toward expeditious and economical resolution of claims; assist Company claims vendor management, disbursement and legal collections teams with defense counsel, bill payment and collection issues. * Communicate with underwriting as needed to manage claims and to alert of any significant developments. * Promptly communicate with Unit and internal partners on adverse developments and provide information on pertinent issues affecting the cyber product lines and coverages. * Proven ability to work in a collaborative team environment. Analyze and convey summations of complex issues; recognize alternative approaches and develop action plans, both orally and in written form. * Maintain and adhere to Markel's guidelines and procedures. * Ensure proper adherence to internal reporting requirements. * Contribute and assist in the implementation of a wide range of initiatives, discussion and action plans brought forth by the Claims Manager. * Participate in agent related functions and meetings as required. * Actively participate in the ongoing training and development of the claims examiners as indicated by Claims Manager. Requirements: * 5+ years of cyber or professional liability claims experience or litigation required. Excess liability (quota share, first layer and high layer) claims or litigation experience a plus. * College degree and/or professional designation required, JD preferred. * Excellent written and oral communication skills. * Sound comprehension of insurance coverage posed by cyber and excess liability policies. * Ability to analyze and convey summations of complex issues both verbally and in writing; recognize alternative approaches and develop action plans. * Experience in determining contractual obligations, insurance coverage analyses, and investigations. Insurance coverage litigation experience a plus. * Ability to manage complex litigation, set loss and expense reserves and evaluate settlement values. * Work collaboratively and as team player willing to assist within the Unit and Professional Liability Division as needed. * Ability to proactively self-manage a high volume caseload. * Travel required as necessary (approximately 20%). "Why work for us?" Diversity and inclusion Markel is truly a global and diverse company. We believe that diversity makes us better business partners and that embracing people's differences can bring amazing results and fuel innovation. We have a portfolio of businesses and product lines that operate around the world. Community involvement Markel has a rich heritage of supporting communities across the world where our customers and employees live and work. Giving back is part of our history and our future. Our employees share in this philosophy through volunteering, mentoring and fundraising. Commitment to open doors Markel is committed to creating the best work environment. Our open-door policy is essential in recognizing business issues as they rise and to address the changing needs of our diverse and global workforce. Challenging management is a component of the Markel Style—some of our best ideas start from a conversation between a manager and an employee. Entrepreneurial spirit As the Markel Style states, we pursue excellence, strive for a better way, and share the success of others. Markel associates proactively seek new business opportunities, bringing further success to Markel. Markel Corporation Los Angeles CA

Senior Cyber Sec Risk Analyst

City National Corporation