Principal Technology Risk Analyst

**Principal Technology Risk Analyst****Description**At Bank of the West, our people are having a positive impact on the world.

We’re investing where we feel we can make the most impact, like advancing diversity and women entrepreneurship programs, financing for more small businesses, and promoting programs for sustainable energy.

From our locations across the U.S., Bank of the West is taking action to help protect the planet, improve people’s lives, and strengthen communities.

We are part of BNP Paribas, a global leader supporting the UN Sustainable Development Goals (SDGs).

Yes, we’re a bank, but as the bank for a changing world, we are continually seeking to improve the ways we help our customers, while contributing to more sustainable and equitable growth.**Purpose Statement**Responsible for managing the day to day execution and coordination of the technology risk function within the Information Communication & Technology (ICT) Risk program.

Responsible for the part of the program which could include: reporting, testing, development of new tools and methodologies, program or project management, leading special projects, as well as program implementation as it applies to the business lines or the overall Bank.**Job Functions**1.

Within assignment has a broad range of independence, ensures the ICT Risk Program is working effectively to report on the LOB/support function’s ICT risk posture and rein in excessive risks/risky activities.2.

Undertakes transversal & vertical assessments of exposures, identifying ICT risks, evaluating their potential impact and reviewing the strengths and weaknesses of existing controls.3.

Work with other risk functions to develop and implement controls that mitigate risks.4.

Once the controls are in place, continues to monitor control compliance and the prevalent risk environment recommending incremental recommendations for improvement to ensure that exposures are kept at acceptable levels.5.

Oversees the execution of the ICT risk management standards and procedures; developing ICT risk management analysis reports; developing approval procedures and guidelines on ICT risk limits by type of product and/or transaction (where appropriate); and in establishing management and administrative procedures to ensure adherence to policies.6.

Counsels business unit managers on ICT risk management issues.7.

May participate in evaluating new products, changes to the channels through which products are offered, and technology impact assessments for their impacts on the bank’s or LOB’s ICT risk profile.**Qualifications****Education**+ Bachelor’s Degree in IT, Security, Risk Management or related field+ Master’s Degree in Risk Management or IT preferred**Required Experience**+ Practitioner’s experience (10 years minimum) in one of the following areas (Information Security, IT, Risk or Cyber Security)+ 7 years leading risk management activities**Technology Skills (Required)**+ Extensive experience conducting technical risk assessments to identify ICT risks in the design phase (Cloud, On-Premises and Hybrid architecture) of the project and providing mitigation controls recommendations.+ Knowledge and experience of Project Management Lifecycle Methodologies (Agile, Waterfall and Hybrid).+ Knowledge of security touchpoints within the Software Development Lifecycle (security requirements, metrics and compliance reporting, threat modeling, design requirements, use of cryptography and managing risk of 3 rd party components).+ Strong knowledge and hands-on experience of technical security assessment frameworks, non-intrusive techniques and tools (e.g.

network and application vulnerability scanners, penetration testing platforms)+ Knowledge and experience performing technical assessments of network infrastructure, identity & access management, data management, incident management, threat & vulnerability management, encryption technologies & key management.+ Knowledge of modern automated build pipelines technologies (e.g.

GitHub, Jenkins, Artifactory) and containerized technologies (e.g.

Kubernetes, Docker).**Equal Employment Opportunity Policy**Bank of the West is an Equal Opportunity employer and proud to provide equal employment opportunity to all job seekers without regard to any status protected by applicable law.

Bank of the West is also an Affirmative Action employer
– Minority / Female / Disabled / Veteran.Bank of the West will consider for employment qualified applicants with criminal histories pursuant to the San Francisco Fair Chance Ordinance subject to the requirements of all state and federal laws and regulations.**Job:** Risk Management**Location:** United States-California-San Ramon**Other Locations:** United States-Nebraska-Omaha, United States-Texas-Dallas, United States-New York-New York, United States-Washington-Seattle, United States-California-Los Angeles, United States-Georgia-Atlanta, United States-California-San Francisco, United States-Illinois-Chicago, United States-Arizona-Tempe, United States-California-City of Industry**Requisition ID:** 054673

Related Post