Western Alliance Bankposted 10 months ago
Full-time • Senior
Phoenix, AZ
Credit Intermediation and Related Activities

About the position

The Enterprise Risk Management Technology/Information Security Director at Western Alliance Bank is a pivotal role responsible for developing and implementing the bank's risk management framework. This position is situated within a growing organization focused on providing expert guidance, credible challenge, and effective oversight of technology and information security activities throughout the company. The Director will operate in a highly collaborative team environment, delivering risk management assessments and guidance to Technology and Information Security first line teams. This role is critical in informing Western Alliance Bancorporation (WAL) of the risks inherent in its actions and decisions, enterprise impacts, and opportunities to reduce risks overall. In this capacity, the Director will develop and execute methods to measure and quantify risk, implementing the Open FAIR methodology, and overseeing risk assessments and control reviews. The position requires strategic thinking, a solid background in technology and/or information security operations, an understanding of banking regulations, and experience in enterprise risk management. The contributions made in this role will help drive maturity across the enterprise through effective collaboration and communication with partners. The Director will proactively work with business unit management to identify and assess technology and cybersecurity risks associated with business activities, ensuring alignment with Enterprise and Operational Risk Frameworks. This includes advising lines of business on risks and control requirements related to new products and services, business initiatives, and outsourced third-party activities. The role also involves conducting a robust Review and Challenge process to evaluate business processes, risk profiles, risk indicators, controls, and remediation plans, ensuring alignment with WAL's Enterprise and Operational Risk programs, policies, and practices.

Responsibilities

  • Proactively works with business unit management to identify and assess technology and cybersecurity risks associated with business activities, ensuring alignment with Enterprise and Operational Risk Frameworks.
  • Advising lines of business on risks and control requirements related to new products and services, business initiatives, and outsourced third-party activities, including applicable metrics (e.g., KRIs, Tolerances).
  • Focus on the implementation of the Open FAIR methodology to help increase risk quantification for technology, cybersecurity, and third-party risks.
  • Conducts a robust Review and Challenge process in evaluating and reviewing business processes, risk profiles, risk indicators, controls, remediation plans, etc., to ensure alignment with WAL's Enterprise and Operational Risk programs, policies, and practices.
  • Ensure WAL policies and procedures and associated technology and cybersecurity risk programs are consistent with current applicable banking rules, regulations, and laws. Monitors and assesses for any new or amended requirements.
  • Acts as Technology and Cybersecurity Risk Subject Matter Expert on assigned committees and working groups, developing a positive working relationship with internal clients, staff, peers, and senior management.
  • Oversight of IT Operational Functions in the enterprise application services, including automation solutions, integration solutions, development architecture, and common services.
  • Oversight of Data Management and Data Governance, including data retention, data analytics, etc.
  • Lead and develop a team of risk professionals who will perform risk assessments, control reviews, issue identification, and risk reporting.
  • Perform Targeted Assessments for relevant 1LOD functions leveraging industry frameworks (NIST, ITIL, COBIT, etc.) to develop a second line opinion regarding the overall effectiveness of assessed first line functions.

Requirements

  • Bachelor's degree in a related field and 10+ years of direct work experience; Master's degree is preferred.
  • Deep knowledge of general banking operations, including deposit operations, loan administration, treasury management, and/or other commercial banking products and services.
  • Relevant industry and professional experience across one or more of the three lines of defense (e.g., information technology, cybersecurity, technology risk management, or audit).
  • Experience in risk management across information technology, cybersecurity, third party, and business continuity management.
  • Knowledge of the Open FAIR methodology.
  • Experience with developing KRIs, enterprise Issue Management, risk and controls, within a financial services company.
  • Identify and implement continual program enhancements based upon industry standards and best practices for risk management.
  • Stay current on trends in technology and cyber security and provide an understanding for how they may impact the organization.
  • Strong ability to analyze processes and data for trending and recommend enhancements.
  • Effective communication skills with a demonstrated ability to engage, influence, and drive collaboration across stakeholders.
  • High degree of organization, individual initiative, and personal accountability in a fast-paced environment, including the ability to make decisions in an ambiguous environment.
  • Knowledge of regulatory guidance for Third-Party, Technology and/or Cybersecurity functions, with specific experience in data management.
  • Knowledge of external frameworks for Third-Party, technology and/or cybersecurity (NIST, ITIL, COBIT, Shared Assessments, etc.).
  • Understanding of risk management principles in a highly regulated organization, including risk identification, risk treatment, and risk measurement.
  • Professional certification or advanced degree in Third-Party, technology and/or cybersecurity (CISM, CRISC, etc.).

Benefits

  • Competitive salaries
  • Ownership stake in the company
  • Medical and dental insurance
  • Time off
  • 401k matching program
  • Tuition assistance program
  • Employee volunteer program
  • Wellness program
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service