At Bank of the West, our people are having a positive impact on the world. We're investing where we feel we can make the most impact, like advancing diversity and women entrepreneurship programs, financing for more small businesses, and promoting programs for sustainable energy. From our locations across the U.S., Bank of the West is taking action to help protect the planet, improve people's lives, and strengthen communities. We are part of BNP Paribas, a global leader supporting the UN Sustainable Development Goals (SDGs). Yes, we're a bank, but as the bank for a changing world, we are continually seeking to improve the ways we help our customers, while contributing to more sustainable and equitable growth.Job Description Summary
An ideal candidate is highly motivated with solid communication skills, solid leadership skills, and keen focus on details. The Risk Management Analyst I collaborates with management and business partners to identify risks within our Third Party Service Providers to enhance the security controls and protect Bank of the West data. Essential Job Functions
- Identify and document risk to Information Security, Physical Security, Business
- Resiliency and overall effectiveness of Operational Controls within the Bank through completion of Third Party Service Providers security assessments.
- Desk reviews and inspection of security assessments for Third Party Service Providers
- Review external audit reports, vulnerability and penetration test results, Business Resiliency Plans, etc.
- Interview IT personal and key staff responsible for configuration management, compliance, Incident Response, access control, and other critical functions of Information Security, Physical Security and Business Resiliency.
- Formally document assessment for visibility within the organization and tracking purposes.
- Assist working with Third Party Program Office and Contract Administration to provide Corporate Security Risk Assessment support for security vendor assessments.
- Assists staff with reports and projects.
- Assists staff with communication between business units to ensure proper approvals and submission of reports and supporting documents.
- Ensure all reports, supporting documents, and/or presentations are completed accurately using the correct templates/style guides and completed within required timeframes.
- Assist with projects to support requested initiatives or other projects.
- Knowledge of IT risks, Physical Security risks, Business Resiliency risks and implementing risk mitigating procedures using standard risk management guidelines including HIPAA, HITECH, PCI, COSO, COBIT, NIST, ITIL and various other control frameworks.
#LI-KJ1 Qualifications :Education
- High School Diploma or GED Required
- Bachelor's Degree Business, Computer Science, Information Assurance, Management Information Systems or related field
- 3 - 5 yrs Risk Management, Business Analytics, Information Security, IT Audit, Physical Security, Business Resiliency, or related field.
Equal Employment Opportunity Policy
- Solid ability to exercise sound judgment regarding assessment findings and make effective recommendations to management.
- Ability to work effectively on multiple projects within a team structure.
- Ability to meet time sensitive deadlines.
- Ability to work and achieve goals without constant supervision.
- Solid management and control of work flows to produce deliverables within required timeframes and quality standards.
- Solid knowledge of Microsoft Office tools.
- Solid verbal and written communication skills. Good inter-personal and partnering skills to facilitate effective working relationships.
- Basic understanding of financial industry, risk management, and/or corporate security.
- Ability to problem solve and swiftly escalate issues to senior staff when needed.
- Ability to adjust to rapidly changing security environment and prioritize deliverables.
- Ability to condense information and transform technical data into easily understandable concepts.
- Basic knowledge in various information security areas, such as: Identity and Access Management, Threat and Vulnerability Management, Information Risk and Governance, IT Architecture, Monitoring, Incident Response and Security Strategy, or Physical Security or Business Resiliency.
Bank of the West is an Equal Opportunity employer and proud to provide equal employment opportunity to all job seekers without regard to any status protected by applicable law. Bank of the West is also an Affirmative Action employer - Minority / Female / Disabled / Veteran.
Bank of the West will consider for employment qualified applicants with criminal histories pursuant to the San Francisco Fair Chance Ordinance subject to the requirements of all state and federal laws and regulations.