... GRC, cybersecurity, risk management or related fields, and most importantly cloud/security ... analytical skills with the ability to assess complex risks and develop effective mitigation ...
... GRC, cybersecurity, risk management or related fields, and most importantly cloud/security ... analytical skills with the ability to assess complex risks and develop effective mitigation ...
Cybersecurity Consultant
Roseville, CA · On-site
$118K - $133K/yr
This role brings cybersecurity, risk management, and regulatory expertise to consulting engagements ... Strong analytical, problem-solving, prioritization, and professional judgment skills. * Strong ...
Cybersecurity Consultant
Roseville, CA · On-site
$118K - $133K/yr
This role brings cybersecurity, risk management, and regulatory expertise to consulting engagements ... Strong analytical, problem-solving, prioritization, and professional judgment skills. * Strong ...
... cybersecurity risk management, IT audit, compliance, or related areas Experience leading or ... security Strong analytical, organizational, documentation, communication, and stakeholder ...
... cybersecurity risk management, IT audit, compliance, or related areas Experience leading or ... security Strong analytical, organizational, documentation, communication, and stakeholder ...
Cybersecurity Engineer and Risk Analyst The Opportunity: Are you looking for an opportunity to ... Using yourknowledgeandexperiencein Risk Management Framework (RMF), you'll assess security threats ...
Cybersecurity Engineer and Risk Analyst The Opportunity: Are you looking for an opportunity to ... Using yourknowledgeandexperiencein Risk Management Framework (RMF), you'll assess security threats ...
Cybersecurity Engineer and Risk Analyst The Opportunity: Are you looking for an opportunity to ... Using your knowledge and experience in Risk Management Framework (RMF), you'll assess security ...
Cybersecurity Engineer and Risk Analyst The Opportunity: Are you looking for an opportunity to ... Using your knowledge and experience in Risk Management Framework (RMF), you'll assess security ...
... cybersecurity risk management, IT audit, compliance, or related areas • Experience leading or ... analytical, organizational, documentation, communication, and stakeholder management skills • ...
... cybersecurity risk management, IT audit, compliance, or related areas • Experience leading or ... analytical, organizational, documentation, communication, and stakeholder management skills • ...
Share Cybersecurity Engineer and Risk Analyst The Opportunity: Are you looking for an opportunity ... Using your knowledge and experience in Risk Management Framework (RMF), you'll assess security ...
Share Cybersecurity Engineer and Risk Analyst The Opportunity: Are you looking for an opportunity ... Using your knowledge and experience in Risk Management Framework (RMF), you'll assess security ...
Cybersecurity Consultant
Roseville, CA · On-site
$118K - $133K/yr
This role brings cybersecurity, risk management, and regulatory expertise to consulting engagements ... Strong analytical, problem-solving, prioritization, and professional judgment skills. * Strong ...
Cybersecurity Consultant
Roseville, CA · On-site
$118K - $133K/yr
This role brings cybersecurity, risk management, and regulatory expertise to consulting engagements ... Strong analytical, problem-solving, prioritization, and professional judgment skills. * Strong ...
Cybersecurity Consultant
Roseville, CA · On-site
This role brings cybersecurity, risk management, and regulatory expertise to consulting engagements ... Strong analytical, problem-solving, prioritization, and professional judgment skills. * Strong ...
Quick apply
Cybersecurity Consultant
Roseville, CA · On-site
This role brings cybersecurity, risk management, and regulatory expertise to consulting engagements ... Strong analytical, problem-solving, prioritization, and professional judgment skills. * Strong ...
Cybersecurity Consultant
$118K - $133K/yr
This role brings cybersecurity, risk management, and regulatory expertise to consulting engagements ... Strong analytical, problem-solving, prioritization, and professional judgment skills. * Strong ...
Cybersecurity Consultant
$118K - $133K/yr
This role brings cybersecurity, risk management, and regulatory expertise to consulting engagements ... Strong analytical, problem-solving, prioritization, and professional judgment skills. * Strong ...
Cybersecurity Analyst / Information Systems Security Officer (IS with Security Clearance
San Diego, CA · On-site
We are seeking a Cybersecurity Analyst / Information Systems Security Officer (ISSO) to support cybersecurity, Risk Management Framework (RMF), and Assessment & Authorization (A&A) activities across ...
Cybersecurity Analyst / Information Systems Security Officer (IS with Security Clearance
San Diego, CA · On-site
We are seeking a Cybersecurity Analyst / Information Systems Security Officer (ISSO) to support cybersecurity, Risk Management Framework (RMF), and Assessment & Authorization (A&A) activities across ...
Senior OT Cybersecurity Analyst
San Diego, CA · On-site
$100K - $135K/yr
Demonstrable experience in the field of risk management, with a knack for translating complex ... This Senior OT Cybersecurity Analyst role is where your skills and talents will thrive, and you'll ...
Senior OT Cybersecurity Analyst
San Diego, CA · On-site
$100K - $135K/yr
Demonstrable experience in the field of risk management, with a knack for translating complex ... This Senior OT Cybersecurity Analyst role is where your skills and talents will thrive, and you'll ...
Conduct cybersecurity risk assessments, vulnerability analyses, security control evaluations, and remediation planning; manage vulnerability tracking and compliance activities using tools and ...
Conduct cybersecurity risk assessments, vulnerability analyses, security control evaluations, and remediation planning; manage vulnerability tracking and compliance activities using tools and ...
We are seeking a Cybersecurity Analyst / Information Systems Security Officer (ISSO) to support cybersecurity, Risk Management Framework (RMF), and Assessment & Authorization (A&A) activities across ...
We are seeking a Cybersecurity Analyst / Information Systems Security Officer (ISSO) to support cybersecurity, Risk Management Framework (RMF), and Assessment & Authorization (A&A) activities across ...
Sr Cyber Engineer (ISSE)
San Diego, CA · On-site
Conduct cybersecurity risk assessments, vulnerability analyses, security control evaluations, and remediation planning; manage vulnerability tracking and compliance activities using tools and ...
Sr Cyber Engineer (ISSE)
San Diego, CA · On-site
Conduct cybersecurity risk assessments, vulnerability analyses, security control evaluations, and remediation planning; manage vulnerability tracking and compliance activities using tools and ...
Cybersecurity Operations Center (CSOC) Manager
Rosemead, CA · On-site
$182K - $274K/yr
Ensures alignment with product management and R&D project leaders to ensure security lifecycle ... Strong analytical and problem-solving skills with the ability to make timely, risk-based decisions ...
Cybersecurity Operations Center (CSOC) Manager
Rosemead, CA · On-site
$182K - $274K/yr
Ensures alignment with product management and R&D project leaders to ensure security lifecycle ... Strong analytical and problem-solving skills with the ability to make timely, risk-based decisions ...
Enterprise Risk Management (ERM) Analyst
Folsom, CA · On-site
$110K - $120K/yr
... Analysis review process. * Participate in developing and providing business continuity management ... cybersecurity, compliance, and reputational risks * Monitor vendor risk profiles and coordinate ...
Enterprise Risk Management (ERM) Analyst
Folsom, CA · On-site
$110K - $120K/yr
... Analysis review process. * Participate in developing and providing business continuity management ... cybersecurity, compliance, and reputational risks * Monitor vendor risk profiles and coordinate ...
On our team, you'll troubleshoot and analyze complex challenges for customers using your knowledge of cybersecurity policy, networks and system infrastructure, and risk management. You'll use your ...
On our team, you'll troubleshoot and analyze complex challenges for customers using your knowledge of cybersecurity policy, networks and system infrastructure, and risk management. You'll use your ...
On our team, you'll troubleshoot and analyze complex challenges for customers using your knowledge of cybersecurity policy, networks and system infrastructure, and risk management. You'll use your ...
On our team, you'll troubleshoot and analyze complex challenges for customers using your knowledge of cybersecurity policy, networks and system infrastructure, and risk management. You'll use your ...
On our team, you'll troubleshoot and analyze complex challenges for customers using your knowledge of cybersecurity policy, networks and system infrastructure, and risk management. You'll use your ...
On our team, you'll troubleshoot and analyze complex challenges for customers using your knowledge of cybersecurity policy, networks and system infrastructure, and risk management. You'll use your ...
Cybersecurity Risk Management Analyst information
What are the key skills and qualifications needed to thrive as a Cybersecurity Risk Management Analyst, and why are they important?
What does a Cybersecurity Risk Management Analyst do?
What are some typical challenges a Cybersecurity Risk Management Analyst faces when working with cross-functional teams?
What is the difference between Cybersecurity Risk Management Analyst vs Cybersecurity Analyst?
| Aspect | Cybersecurity Risk Management Analyst | Cybersecurity Analyst |
|---|---|---|
| Certifications | CompTIA Security+, CISSP, CISM | CompTIA Security+, CEH, CISSP |
| Work Environment | Focus on risk assessment, policy development, and compliance | Focus on threat detection, incident response, and system monitoring |
| Employer & Industry Usage | Used in organizations prioritizing risk mitigation and compliance | Used across various sectors for security operations and monitoring |
While both roles involve cybersecurity, the Cybersecurity Risk Management Analyst primarily assesses and manages risks, ensuring compliance and policy adherence. In contrast, the Cybersecurity Analyst concentrates on identifying threats, monitoring security systems, and responding to incidents. Both roles are essential but focus on different aspects of cybersecurity defense.

Full-time
Re-posted 8 days ago
Banc Of California rating
7.9
Based on 5 frontline employees who took The Breakroom Quiz
67th of 149 rated banks
Job description
Banc of California is a premier relationship-based business bank committed to delivering meaningful results and supporting local communities. They are seeking a VP, Lead Security Risk Analyst to lead enterprise-wide Information Security risk engagement and drive the development and execution of the Information Security risk and GRC programs, ensuring effective risk management aligned with the organization’s risk appetite.
Responsibilities:
• Lead enterprise Information Security engagement across all enterprise-wide corporate projects, championing security by design principles, influencing security decisions without direct authority and driving alignment across multiple business and technology domains.
• Contribute to the development, management, and ongoing improvement of the Information Security risk program, compliance initiatives, and overall security risk posture.
• Partner with senior management to design and implement maturity strategies and operations into the Information Security GRC team.
• Maintain Information Security risk register, report monthly to appropriately address key risk areas.
• Support policies and procedures maintenance aligned with in-scope security frameworks, regulations, and internal standards to manage identified risk effectively.
• Conduct regular risk assessments to identify potential threats and vulnerabilities across the organization analyzing their impact and likelihood of occurrence.
• Generate reports on risk assessments, compliance status, and control effectiveness to communicate findings to stakeholders at various levels within the organization.
• Lead and deliver enterprise and domain risk assessments (at least annually, or event driven) using consistent methodology that complies with regulatory requirements
• Conduct and lead the bank’s most complex and high-impact risk assessments, including those involving enterprise architecture, modernization initiatives, AI/ML platforms, cloud deployments, or third-party integrations.
• Drive cross-functional remediation initiatives, ensuring timely resolution of identified issues and alignment with enterprise risk appetite.
• Act as the primary GRC representative and senior advisor in enterprise security architecture projects, ensuring that security, compliance, and risk considerations are embedded in design decisions for cloud, infrastructure, and applications.
• Lead architecture-focused risk assessments for new technologies, major system integrations, cloud migrations, and high-impact projects to identify systemic risks and required compensating controls.
• Translate security policies, standards, regulatory requirements and control frameworks into detailed architectural requirements, control patterns, and secure design standards consumable by engineering and application teams.
• Advise solution architects, engineers, and product teams on secure design patterns, identity and access architecture, encryption frameworks, data protection requirements, and logging/monitoring standards.
• Evaluate the security implications of modernization initiatives, and system migrations ensuring risks are documented and mitigated through appropriate design.
• Define architecture-aligned security requirements and control baselines that engineering and architecture teams use to build secure-by-design systems.
• Partner with detection engineering and cloud teams to ensure logging, auditability, and monitoring capabilities are embedded in the technology stack.
• Lead complex and technical vendor security reviews, including onboarding assessments, and high-risk assessments involving cloud platforms, data integrations, and critical infrastructure providers.
• Follow all established policies and procedures.
• Perform other duties and projects as assigned.
Qualifications:
Required:
• Bachelor’s degree in information systems, engineering, business, risk management, or related field; and related certifications (e.g., CISSP ISSAP, SABSA, CCSP, GCAD, CRISC, CISSP).
• 7-9+ years of experience in GRC, cybersecurity, risk management or related fields, and most importantly cloud/security architecture, particularly in highly regulated industries such as financial, or professional services.
• Demonstrated history of influencing architectural decisions and driving enterprise-level security program improvements.
• High technical knowledge across Cybersecurity domains, including Security Operations, Incident Response, Security Engineering, Cloud Security, Artificial Intelligence (AI), Data Security, Configuration Management, Log Generation, Security Risk Assessments/testing methodologies, Secure Software Development Lifecycle, evaluating the adequacy and efficiency of internal controls.
• Advanced knowledge of cloud architecture, application security, identity governance, encryption, secure design patterns, network architecture, and telemetry design.
• Experience translating requirements into architectural controls and technical standards.
• Expert knowledge of GRC frameworks and regulations (e.g., PCI-DSS, GDPR, CCPA, GLBA, NIST, ISO 27001).
• Strong knowledge in OWASP, CIS and/or other security standards and secure configuration baselines.
• Excellent analytical skills with the ability to assess complex risks and develop effective mitigation security strategies.
• Comfortable solving ambiguous, enterprise-scale problems.
• Proven ability to lead multi-team initiatives and drive results in a fast-paced environment.
• Excellent communication and interpersonal skills, with the ability to influence senior engineers, architects, and business leaders.
• High School diploma or equivalent required.
Company:
Banc of California provides a full-service banking and home lending to individuals and their businesses and families. Founded in 1941, the company is headquartered in Irvine, USA, with a team of 1001-5000 employees. The company is currently Late Stage.
What Banc Of California employees say
Pay
Benefits
Hours and flexibility
Workplace
Get the full story on Breakroom
About Banc of California
Sourced by ZipRecruiter
Industry
Commercial banking
Company size
501 - 1,000 Employees
Headquarters location
Santa Ana, CA, US
Year founded
1941