Logo
Western Alliance Bancorporation

ERM IT/IS Senior Analyst

Western Alliance Bancorporation, Phoenix, AZ


Job Title:
ERM IT/IS Senior Analyst

Location:
CityScape

What you'll do:
Western Alliance Bank Corporation is currently seeking a highly qualified and experienced Second Line of Defense Technology (IT) and Information Security (IS) Senior Analyst to join our IT/IS and TPRM risk management team in the second line of defense. The successful candidate will take on supporting IT/IS risk management functions. Duties would include reviewing first line controls for completeness, assisting with targeted risk assessments, issue management, and risk reporting in technology and cybersecurity. This position offers an exciting opportunity to contribute to the bank's risk management framework and play a key role in safeguarding our institution against technology, information security and third-party risks.

What we are looking for:

Responsibilities:
  • Monitor external industry trends and regulatory changes that may impact areas of risk oversight (Technology and Information Security).
  • Assist in the management of Penetration Testing and Physical Security testing with external vendors. Create framework and communications for internal stakeholders, manage vendor deliverables for testing activities, finalize reporting and manage issues that are identified through the testing process.
  • Reporting of internal metrics for IT/IS.
  • Perform Targeted Assessments of first line functions. Including, research frameworks, regulatory guidance, and trends in technology and information security to provide support for targeted assessments.
  • Review and challenge of first line Information Security and Technology functions, including the Cyber Risk Institute's Cyber Profile, first line policy and standards, Key Risk Indicators, and regulatory responses.
  • Support the risk and control inventory review for first line technology and information security functions.
  • Supporting issues from identification, through review and validation for closure.
  • Develop, document and support department standards and processes.
  • As needed this role would engage with appropriate first, second, and third-line stakeholders to ensure effective communication and coordination between the three lines of defense.


Qualifications:
  • Bachelor's degree and 10+ years of experience with Risk Management, Information Technology, Cybersecurity, or a related field. Master's degree is preferred.
  • Minimum of 5 years' experience with Information Technology and/or Information Security first line or second line functions. In depth knowledge of information security and technology principles in a highly regulated environment.
  • Background in creating and presenting to different levels and audiences across an organization.
  • Understanding of risk management practices, including understanding of risk definitions, development of controls and issue management.
  • Strong ability to analyze processes and data for trending and recommend enhancements.
  • Effective communication skills with a demonstrated ability to engage, influence, and drive collaboration across stakeholders.
  • High degree of organization, individual initiative, and personal accountability in a fast-paced environment. Inclusive of ability to make decisions in an ambiguous environment.
  • Knowledge of regulatory guidance for Third-Party, Technology and/or Cybersecurity functions.
  • Knowledge of external frameworks for technology and/or cybersecurity (NIST, ITIL, COBIT, Shared Assessments, etc.).
  • Understanding of risk management principles in a highly regulated organization, including risk identification, risk treatment and risk measurement.
  • High level of speaking and writing skills.
  • Proficiency in risk management tools and systems, as well as advanced proficiency in Microsoft Office Suite, particularly, Word, Excel, and PowerPoint.
  • Professional certification in Project Management, Technology and/or cybersecurity (CISM, CRISC, CISSP, etc.). Knowledge of three lines of defense model in a financial services setting.
  • Experience with the Factor Analysis of Information Risk (FAIR) quantification methodology desired but not required.


Benefits you'll love:
We offer all the important things you'd want - like competitive salaries, an ownership stake in the company, medical and dental insurance, time off, a great 401k matching program, tuition assistance program, an employee volunteer program, and a wellness program. In addition, you'll have the opportunity to bolster your business knowledge, learning the ins and outs of how successful companies operate and manage their finances, giving you invaluable hands-on experience to help grow your career!

About the company:

Western Alliance Bank is a wholly owned subsidiary of Western Alliance Bancorporation. Alliance Bank of Arizona, Alliance Association Bank, Bank of Nevada, Bridge Bank, First Independent Bank, and Torrey Pines Bank are divisions of Western Alliance Bank; Member FDIC. AmeriHome Mortgage is a Western Alliance Bank company.

Western Alliance Bancorporation is committed to equal employment and will consider all qualified applicants without regard to race, sex, color, religion, age, nation origin, marital status, disability, protected veteran status, sexual orientation, gender identity or genetic information. Western Alliance Bancorporation is committed to working with and providing reasonable accommodations for individuals with disabilities. If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process and/or need an alternative method of applying, please email HR[redacted] or call [redacted]. When contacting us, please provide your contact information and state the nature of your accessibility issue. We will only respond to inquiries concerning requests that involve a reasonable accommodation in the application process.

© Western Alliance Bancorporation