Listing Description
Description
The future of banking is here! We’re building the next generation of banking technology and actively transforming the way we operate at Zions Bancorporation. In turn, our Enterprise Information Security department is hiring folks at all levels and we currently have an open career opportunity for a Information Security Risk Assessment Manager role.
Enterprise Information Security (EIS) is integrated with the Technology division (860+ people), and is responsible for enabling secure innovation and business growth for 13,000 employees across 11 states. What’s great about our department is that we laugh with each other, have Executive and Board level visibility and support for our work, and are driving highly-visible, enterprise-wide initiatives. We’re focused on creating business value and are seeking like-minded professionals to join our team!
Let’s talk about you:
Do you…
lead by example?
enjoy collaborating with and influencing others to achieve the right outcomes?
love securing information assets from malicious users?
want to work on the implementing leading-edge solutions to enterprise challenges?
demonstrate persistence in reaching goals in the face of adversity?
function as team player who isn’t afraid to challenge the status quo?
want to work on a team where your input matters?
think in terms of confidentiality, integrity, and availability?
excel in learning things quickly and thoroughly?
enjoy sharing your hard-earned knowledge to help others grow and make a real difference?
transform ambiguity into focused, productive, impactful outcomes?
love to get things done, the right way, the first time?
If you think systematically, achieve purposefully, speak diplomatically, and act with integrity, the EIS department can’t wait to hear from you!!
The scope and impact of your work:
The Information Security Risk Assessment (ISRA) team helps Zions Bancorporation move at the speed of business by providing actionable cyber risk decision support. We’re seeking a Manager of Information Security Risk Assessment to lead a team of risk analysis professionals in identifying, classifying, and collaboratively mitigating cyber risk enterprise-wide. You are an analytical thinker, collaborative team player, and an effective, dynamic communicator, able to bridge the gap between business demands and cybersecurity requirements.
What we expect:
This role requires someone who is humble, hungry, and an effective relationship builder with a deep understanding of cyber risk, and the ability to articulate that risk in business terms. The ideal candidate will:
Mature the cyber risk assessment methodology, effectively incorporating cybersecurity architecture, data risk, application-specific controls, hosting location, threats, vulnerabilities, etc.
Empower, guide, and inspire a team of cybersecurity risk analysts in delivering thorough, accurate, and relevant risk assessments at the speed of business
Forge and maintain strong working relationships with other cybersecurity functions, product delivery teams, project management, information technology, supply chain management, enterprise risk management, enterprise architecture, internal audit, and regulatory agencies
Ensure high quality risk assessment deliverables, improving efficiency and delivery capability through automation and continuous improvement
Leverage GRC and ticketing/workflow platforms to improve integration, management, and reporting of risk assessment results
Provide timely, accurate, and actionable reporting on risk assessment activity, trends, service levels, and areas of concern to executive management
Evolve cyber risk assessment practices to keep pace with emerging technology, cyber threats, and industry trends
Participate in cybersecurity and strategic planning to ensure identified risk mitigation is incorporated into the enterprise’s strategy
Qualifications
Bachelor’s degree preferred, or an equivalent combination of education and experience
4+ years of demonstrated experience leading teams to achieve business objectives, cultivating talent, building cross-functional consensus, and breaking down barriers in an enterprise environment
Broad cybersecurity and technology expertise in technical and procedural security controls, including but not limited to: network security architecture, endpoint security, data security, identity and access controls, etc.
Deep understanding of cybersecurity risk/maturity practices and frameworks, including hands-on experience performing formal risk assessments
Conversant in security and privacy regulations and compliance (e.g., GLBA, PCI-DSS, SOX, GDPR, CCPA)
Strong organizational skills with a successful track record of managing expectations, delivering results, and meeting milestones and deadlines in a fast-paced environment
Exceptional communication skills: written, interpersonal, and in executive presentation
Familiarity with formal cybersecurity maturity frameworks such as the NIST CSF, FFIEC Cyber Assessment Tool (CAT), ISO 27000 Series is preferred
Experience assessing cyber risk in Agile, DevOps, Cloud (IaaS and SaaS) paradigms is a plus
Relevant professional certifications: CISA, CISM, CRISC, CISSP or equivalent are strongly desired
Zions Bancorporation is one of the nation's premier financial services companies with total assets exceeding $65 billion. Zions operates under local management teams and distinct brands in 11 western states: Arizona, California, Colorado, Idaho, Nevada, New Mexico, Oregon, Texas, Utah, Washington and Wyoming. The company is a national leader in Small Business Administration lending and public finance advisory services. In addition, Zions is included in the S&P 500 and NASDAQ Financial 100 indices.
Zions received 16 Greenwich Excellence Awards for the year ended 2017. These awards are based on more than 30,000 market research interviews with businesses nationwide evaluating over 600 banks. Since the Awards’ inception in 2009, only three other U.S. banks have consistently received as many Greenwich Excellence Awards as Zions Bancorporation. Additionally, Zions has been recognized with middle market awards in Overall Client Satisfaction and Cash Management Overall Satisfaction every year since 2009. To better familiarize yourself with our company visit us at: http://www.zionsbancorporation.com/
It is the policy of Zions Bancorporation to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Zions Bancorporation will provide reasonable accommodations for qualified individuals with disabilities.
Zions Bancorporation’s goal is to increase representation of women, people of color, veterans and individuals with disabilities. Our programs are designed to align with all applicable federal, state and local laws, directives and regulations and cover all human resource actions including employment, compensation, benefits, training, education, tuition aid, transfers, promotions and social/recreational programs.Mature the cyber risk assessment methodology, effectively incorporating cybersecurity architecture, data risk, application-specific controls, hosting location, threats, vulnerabilities, etc.
Empower, guide, and inspire a team of cybersecurity risk analysts in delivering thorough, accurate, and relevant risk assessments at the speed of business
Forge and maintain strong working relationships with other cybersecurity functions, product delivery teams, project management, information technology, supply chain management, enterprise risk management, enterprise architecture, internal audit, and regulatory agencies
Ensure high quality risk assessment deliverables, improving efficiency and delivery capability through automation and continuous improvement
Leverage GRC and ticketing/workflow platforms to improve integration, management, and reporting of risk assessment results
Provide timely, accurate, and actionable reporting on risk assessment activity, trends, service levels, and areas of concern to executive management
Evolve cyber risk assessment practices to keep pace with emerging technology, cyber threats, and industry trends
Participate in cybersecurity and strategic planning to ensure identified risk mitigation is incorporated into the enterprise’s strategy
Listing Details
- Citizenship: Us Citizen
- Incentives: Not Provided
- Education: Bachelors Degree
- Travel: No Travel
- Telework: Optional Telecommute