19 days old

Cybersecurity Governance & Remediation Analyst

Silicon Valley Bank
Tempe, AZ 85281
  • Job Code
    18192
BE PART OF A BANK LIKE NO OTHER.

When you work with the world's most innovative companies, you know you're making a difference.

Our clients are the game changers, leaders and investors who fuel the global innovation economy. They're the businesses behind the next medical breakthroughs. And the visionaries whose new technologies could transform the way people live and work.

They come to SVB for our expertise, deep network and nearly forty years of experience in the industries we serve, and to partner with diverse teams of passionate, enterprising SVBers, dedicated to an inclusive approach to helping them grow and succeed at every stage of their business.

Join us at SVB and be part of bringing our clients' world-changing ideas to life. At SVB, we have the opportunity to grow and collectively make an impact by supporting the innovative clients and communities SVB serves. We pride ourselves in having both a diverse client roster and an equally diverse and inclusive organization. And we work diligently to encourage all with different ways of thinking, different ways of working, and especially those traditionally underrepresented in technology and financial services, to apply.

Job Description

The Cybersecurity Governance & Remediation Analyst is responsible for executing the development, enhancement, maintenance, and standardization of cybersecurity controls. This role analyzes and standardizes the current cybersecurity control inventory and processes, defines an associated monitoring schedule and testing, coordinates the onboarding of a Cybersecurity GRC tool, as well as supports the identification and design of new controls. Additionally, the Cybersecurity Governance & Remediation Analyst will identify and propose process enhancements, as well as enhance the maturity of the Governance and Controls program. This individual ensurescyber controls and Governance & Remediation processes meet the cyber and organizational strategic goals and objectives. It is imperative this role anticipates methods and processes employed by both internal and external auditors/regulators to effectively design and re-design controls, as well as perform controls assessments across our compliance programs and projects.

Essential Functions:

  • Support and drive the analysis, development, and implementation of policies, processes, procedures, standards, guides, security and compliance controls, and tools across the Cybersecurity organization to enable and automate control execution and associated control activities while providing assurance that the appropriate artifacts exist for operational continuity and compliance.
  • Collaborate with Cybersecurity, Technology, and Business stakeholders to assess the sufficiency, relevance, and reliability of their control documentation and control design as part of the various compliance and security controls frameworks.
  • Support internal and external audit engagements, which may include but is not limited to: coordinating the collection of evidence, evaluating and staging audit evidence, coordinating subject-matter expert interviews, and engaging directly with the audit team.
  • Act as an advisor in implementing leading practices for areas related to the compliance security controls programs, which also includes providing guidance to various stakeholders around automation and optimization opportunities.
  • Aggregate observations, deviations, and exceptions identified through surveillance activities, risk assessments, audit engagements, and control design/redesign efforts to manage an effective corrective action process that seeks to remediate non-compliance within required timelines.
  • Assist with tracking and updating key metrics that indicate the current health of controls and overall compliance programs.
  • Leverage industry frameworks (NIST CSF, CIS, etc.) to develop control sets that provide the necessary security to address risks with the variety of systems in use.
  • Ensure that enterprise-wide security, privacy, and compliance standards are enforced throughout the entire organization.
  • Evaluate new and emerging products and technologies based upon security, compliance, and regulatory needs.
  • Establish and maintain business relationships with individual contributors as well as management.
  • Collaborates with internal and external parties (e.g. industry, regulatory, etc.) that would influence and/or impact existing policies, processes, procedures, or controls frameworks.
  • Serve as the principle point of contact for all cybersecurity controls and remediation matters
  • Gather data and produce qualitative and quantitative analysis
  • Ability to manage and digest complex problems and provide solutions that align with regulatory and cybersecurity requirements.

Knowledge:
  • Strong knowledge of cyber governance, risk and controls terms, disciplines, and frameworks
  • Working knowledge of applicable cybersecurity GRC tools
  • Conceptual knowledge around managing and securing various technologies, common security tools, as well as defensive security techniques.
  • Working knowledge in the following areas: system policy and compliance verification techniques; auditing principles; risk management concepts and techniques; software development methodologies and controls; SOX, PCI, NIST CSF & 800-53, FFIEC, ISO and CRI cybersecurity standards; evaluating new and emerging technologies.

Skills:
  • Proven analytical skills with the ability to make sound decisions with ambiguous information, as well as possess a high level of organizational skills and autonomy.
  • Ability to communicate clearly, effectively, persuasively, and credibly with internal management and external senior level oversight entities.
  • Demonstrate a consistent history of delivering on commitments.
  • Demonstrate critical thinking and problem-solving skills.
  • Excellent communication skills, both written and verbal, to both business and technology audiences.
  • High organizational and time-management skills

Competencies:
  • Aptitude to understand and adapt to newer technologies.
  • A grounded understanding of applied enterprise information security technologies.
  • Able to work independently with limited supervision.
  • Ability to establish and maintain productive business relationships.

Education & Experience:

Required:

  • Bachelor's Degree required with a major in Cybersecurity, Computer Science, Management Information Systems, or equivalent computer or applicable business related major.
  • 5 or more years of experience within Cybersecurity and / or Risk Management
  • 2 or more years of relevant experience in Cybersecurity and/or technology field specializing in controls (e.g. Cybersecurity, IT or Advisory) required.
Preferred:
  • 2 or more years of relevant Cybersecurity experience focused on the design and implementation or assessment of controls preferred.

2021 SVB Financial Group. All rights reserved. SVB, SVB FINANCIAL GROUP, SILICON VALLEY BANK, MAKE NEXT HAPPEN NOW and the chevron device are trademarks of SVB Financial Group, used under license. Silicon Valley Bank is a member of the FDIC and the Federal Reserve System. Silicon Valley Bank is the California bank subsidiary of SVB Financial Group (Nasdaq: SIVB).

Equal Employment Opportunity

Silicon Valley Bank is an equal opportunity employer and is dedicated to expanding its commitments and investments to create a more diverse, equitable and inclusive company culture and innovation ecosystem. We are strongly committed to the values and policy of equal employment opportunity across our employment practices.

Silicon Valley Bank is registered in England and Wales at Alphabeta, 14-18 Finsbury Square, London EC2A 1BR, UK under No. FC029579. Silicon Valley Bank is authorised and regulated by the California Department of Business Oversight and the United States Federal Reserve Bank; authorised by the Prudential Regulation Authority with number 577295; and subject to regulation by the Financial Conduct Authority and limited regulation by the Prudential Regulation Authority. Details about the extent of our regulation by the Prudential Regulation Authority are available from us on request.





Posted: 2022-06-17 Expires: 2022-07-16
Sponsored by:
ADP Logo
Sponsored by:
Bank of America Logo

Featured Jobs[ View All ]

Featured Employers

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Cybersecurity Governance & Remediation Analyst

Silicon Valley Bank
Tempe, AZ 85281

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast