... the Cybersecurity Third-Party Risk Management (CTPRM) function within Truist Protection Services (TPS). Reporting to the Head of Security Governance, this role will redefine how cyber third-party ...
... the Cybersecurity Third-Party Risk Management (CTPRM) function within Truist Protection Services (TPS). Reporting to the Head of Security Governance, this role will redefine how cyber third-party ...
Risk Management & Framework Execution * Partner with business and risk stakeholders to support the ... Act as a subject matter expert on technology and cybersecurity risk and regulatory expectations.
Risk Management & Framework Execution * Partner with business and risk stakeholders to support the ... Act as a subject matter expert on technology and cybersecurity risk and regulatory expectations.
Sr. Engineer - Third-Party Cybersecurity & Risk Management
Charlotte, NC · On-site
$111K - $153K/yr
About the role As a Senior Engineer - Third-Party Cybersecurity & Risk Management , you will make an impact by strengthening vendor security posture and managing third-party cyber risks across the ...
Sr. Engineer - Third-Party Cybersecurity & Risk Management
Charlotte, NC · On-site
$111K - $153K/yr
About the role As a Senior Engineer - Third-Party Cybersecurity & Risk Management , you will make an impact by strengthening vendor security posture and managing third-party cyber risks across the ...
As part of this oversight role, experience with cybersecurity domains, operations, architecture ... Provide expert advice on risk management practices, offering practical solutions to mitigate ...
As part of this oversight role, experience with cybersecurity domains, operations, architecture ... Provide expert advice on risk management practices, offering practical solutions to mitigate ...
Sr. Analyst, Cyber Security
Fort Mill, SC · On-site
$93K - $120K/yr
... Product Risk Management program. The role involves identifying, assessing, and mitigating risks ... Required : • 4+ years or more of experience in technology and cyber security risk or audit ...
Sr. Analyst, Cyber Security
Fort Mill, SC · On-site
$93K - $120K/yr
... Product Risk Management program. The role involves identifying, assessing, and mitigating risks ... Required : • 4+ years or more of experience in technology and cyber security risk or audit ...
Ideal candidate will have a well-rounded application of cyber security risk management principles DLP operations regulatory requirements GDPR GLBA CCPA etc. security controls framework NIST strong ...
Ideal candidate will have a well-rounded application of cyber security risk management principles DLP operations regulatory requirements GDPR GLBA CCPA etc. security controls framework NIST strong ...
Sr Cyber Security Engineer
Charlotte, NC · On-site
Ideal candidate will have a well-rounded application of cyber security risk management principles DLP operations regulatory requirements GDPR GLBA CCPA etc. security controls framework NIST strong ...
Quick apply
Sr Cyber Security Engineer
Charlotte, NC · On-site
Ideal candidate will have a well-rounded application of cyber security risk management principles DLP operations regulatory requirements GDPR GLBA CCPA etc. security controls framework NIST strong ...
At least 3 years experience in Technology Risk Management, Cybersecurity Risk Management, IT Audit, or Information Security Governance * At least 6 years of Financial Services, Commercial Banking, or ...
At least 3 years experience in Technology Risk Management, Cybersecurity Risk Management, IT Audit, or Information Security Governance * At least 6 years of Financial Services, Commercial Banking, or ...
Third Party Risk Manager
Charlotte, NC · On-site
Information Technology and/or Cybersecurity background and/or experience, including 5-8+ years of IT, cybersecurity, risk management, or third-party risk experience with network, platform, and/or ...
Third Party Risk Manager
Charlotte, NC · On-site
Information Technology and/or Cybersecurity background and/or experience, including 5-8+ years of IT, cybersecurity, risk management, or third-party risk experience with network, platform, and/or ...
Sr. Analyst, Cyber Security
Fort Mill, SC · Remote
$92K - $154K/yr
This role requires a deep understanding of risk management practices and a proactive approach to ... Requirements: * 4+ years or more of experience in technology and cyber security risk or audit ...
Sr. Analyst, Cyber Security
Fort Mill, SC · Remote
$92K - $154K/yr
This role requires a deep understanding of risk management practices and a proactive approach to ... Requirements: * 4+ years or more of experience in technology and cyber security risk or audit ...
Sr. Analyst, Cyber Security
Fort Mill, SC · On-site
$92K - $154K/yr
This role requires a deep understanding of risk management practices and a proactive approach to ... Requirements: * 4+ years or more of experience in technology and cyber security risk or audit ...
Sr. Analyst, Cyber Security
Fort Mill, SC · On-site
$92K - $154K/yr
This role requires a deep understanding of risk management practices and a proactive approach to ... Requirements: * 4+ years or more of experience in technology and cyber security risk or audit ...
Cyber Security Analyst
Charlotte, NC · On-site
The Cyber Security Analyst is responsible for proactively identifying, investigating, and ... The role also supports risk management and compliance efforts by assisting with data flow ...
Cyber Security Analyst
Charlotte, NC · On-site
The Cyber Security Analyst is responsible for proactively identifying, investigating, and ... The role also supports risk management and compliance efforts by assisting with data flow ...
Cybersecurity Analyst SME
$164K - $212K/yr
Cyber and IT Risk Management Job Qualifications: Skills: Cyber Security Architecture, Risk Management Framework, Zero Trust Certifications: None Experience: 10 + years of related experience US ...
Cybersecurity Analyst SME
$164K - $212K/yr
Cyber and IT Risk Management Job Qualifications: Skills: Cyber Security Architecture, Risk Management Framework, Zero Trust Certifications: None Experience: 10 + years of related experience US ...
Cyber Security Strategy Planning and Program Manager
Charlotte, NC · On-site
$108K - $146K/yr
Ensures compliance with risk management programs, rules and regulations, and cybersecurity practices; identifies opportunities for and supports process improvements; applies disciplined change ...
Cyber Security Strategy Planning and Program Manager
Charlotte, NC · On-site
$108K - $146K/yr
Ensures compliance with risk management programs, rules and regulations, and cybersecurity practices; identifies opportunities for and supports process improvements; applies disciplined change ...
This role is ideal for someone early in their career who is passionate about cybersecurity, risk management, and audit readiness, and who enjoys collaborating across IT and business teams to ensure ...
Quick apply
Apply Early
This role is ideal for someone early in their career who is passionate about cybersecurity, risk management, and audit readiness, and who enjoys collaborating across IT and business teams to ensure ...
Apply Early
... policy while managing day-to-day legal risk where a single compliance failure can trigger ... Why This Role Matters Cybersecurity threats and data governance obligations are growing in ...
... policy while managing day-to-day legal risk where a single compliance failure can trigger ... Why This Role Matters Cybersecurity threats and data governance obligations are growing in ...
Implement and manage post-deployment quality assurance of cybersecurity related processes, technologies and controls * Develop and monitor cloud security metrics, key risk indicators, key performance ...
Implement and manage post-deployment quality assurance of cybersecurity related processes, technologies and controls * Develop and monitor cloud security metrics, key risk indicators, key performance ...
Cyber Security Operations Cell (CSOC) Night Shift Lead
Concord, NC · On-site
$103K - $139K/yr
Cyber and IT Risk Management Job Qualifications: Skills: Cyber Security Governance, Cyber Security Standards, Security Information and Event Management (SIEM), Team Management Certifications: CompTIA ...
Cyber Security Operations Cell (CSOC) Night Shift Lead
Concord, NC · On-site
$103K - $139K/yr
Cyber and IT Risk Management Job Qualifications: Skills: Cyber Security Governance, Cyber Security Standards, Security Information and Event Management (SIEM), Team Management Certifications: CompTIA ...
Senior Manager - Cybersecurity Maturity Model (CMMC)
Charlotte, NC · Remote
$113K - $153K/yr
Key Skills & Experience: ✅ Cyber Security GRC & Information Security Risk Management ✅ Cybersecurity Governance Frameworks (NIST, ISO 27001, CIS) ✅ GRC Platforms: ServiceNow GRC, Archer ✅ ...
Quick apply
Senior Manager - Cybersecurity Maturity Model (CMMC)
Charlotte, NC · Remote
$113K - $153K/yr
Key Skills & Experience: ✅ Cyber Security GRC & Information Security Risk Management ✅ Cybersecurity Governance Frameworks (NIST, ISO 27001, CIS) ✅ GRC Platforms: ServiceNow GRC, Archer ✅ ...
Sr. Analyst, Cyber Risk Governance & Reporting
Fort Mill, SC · On-site
$92K - $154K/yr
Senior Risk Governance And Reporting Technology Analyst Where Ambition Meets Innovation Build a ... management, including executive stakeholders * Understanding of cybersecurity principles ...
Sr. Analyst, Cyber Risk Governance & Reporting
Fort Mill, SC · On-site
$92K - $154K/yr
Senior Risk Governance And Reporting Technology Analyst Where Ambition Meets Innovation Build a ... management, including executive stakeholders * Understanding of cybersecurity principles ...
Cybersecurity Risk Management information
See Dallas, NC salary details
$49.7K - $59.9K
1% of jobs
$59.9K - $70.1K
4% of jobs
$70.1K - $80.4K
5% of jobs
$80.4K - $90.6K
9% of jobs
$96.2K is the 25th percentile. Wages below this are outliers.
$90.6K - $100.8K
11% of jobs
$100.8K - $111K
10% of jobs
The median wage is $115K / yr.
$111K - $121.2K
28% of jobs
$127.1K is the 75th percentile. Wages above this are outliers.
$121.2K - $131.5K
14% of jobs
$131.5K - $141.7K
11% of jobs
$141.7K - $151.9K
4% of jobs
$151.9K - $162.1K
4% of jobs
$49.7K
$115.9K
$162.1K
How much do cybersecurity risk management jobs pay per year?
Can I make $200,000 a year in cyber security?
What are some common challenges faced by professionals in Cybersecurity Risk Management, and how can they be addressed?
How much does a cybersecurity risk analyst make?
What is the difference between Cybersecurity Risk Management vs Cybersecurity Analyst?
| Aspect | Cybersecurity Risk Management | Cybersecurity Analyst |
|---|---|---|
| Certifications | CRISC, CISSP, CISM | CompTIA Security+, CEH, CISSP |
| Work Environment | Risk assessment, policy development, strategic planning | Monitoring security systems, incident response, vulnerability analysis |
| Employer & Industry Usage | Financial, healthcare, government, large enterprises | IT departments, cybersecurity firms, corporate security teams |
Cybersecurity Risk Management focuses on identifying, assessing, and mitigating security risks at an organizational level, often involving policy creation and strategic planning. In contrast, a Cybersecurity Analyst primarily monitors security systems, responds to incidents, and analyzes vulnerabilities. Both roles require similar certifications but serve different functions within cybersecurity teams.
What are the key skills and qualifications needed to thrive in Cybersecurity Risk Management, and why are they important?
What does a cyber risk manager do?
What is cybersecurity risk management?
Can you make $500,000 a year in cyber security?
Full-time
Medical, Dental, Vision, Life, Retirement, PTO
Posted 10 days ago
Truist rating
8.1
Based on 114 frontline employees who took The Breakroom Quiz
47th of 144 rated banks
Job description
The position is described below. If you want to apply, click the Apply Now button at the top or bottom of this page. After you click Apply Now and complete your application, you'll be invited to create a profile, which will let you see your application status and any communications. If you already have a profile with us, you can log in to check status.
Need Help?
If you have a disability and need assistance with the application, you can request a reasonable accommodation. Send an email to Accessibility (accommodation requests only; other inquiries won't receive a response).
Regular or Temporary:
RegularLanguage Fluency: English (Required)
Work Shift:
1st shift (United States of America)Please review the following job description:Truist is seeking a senior leader to transform, modernize, and operate the Cybersecurity Third-Party Risk Management (CTPRM) function within Truist Protection Services (TPS). Reporting to the Head of Security Governance, this role will redefine how cyber third-party risk is identified, assessed, and continuously monitored-leveraging agentic AI, automation, and advanced analytics to scale decision-making across Truist's ecosystem.This leader will drive the evolution from traditional, manual assessment models to intelligent, adaptive, and technology-driven risk management capabilities. The role partners closely with the Enterprise Third Party Risk Operations Function (TPROF), second line Risk, Business Information Security Officers (BISOs), Sourcing, Legal, and Technology teams to strengthen Truist's cyber supply chain posture at scale.
The ideal candidate has led CTPRM teams in a large, regulated environment, can translate technical risk into clear business decisions, and can drive measurable program outcomes at scale.
What success looks like
A modern, intelligence-driven CTPRM Function leveraging agentic AI and automation to reduce manual effort, accelerate assessments, and enable near real-time risk visibility across the third-party ecosystem.
Measurable improvements in assessment cycle time, signal quality, and automation coverage through the adoption of AI-driven workflows and decision support.
Executive-ready reporting that highlights top cyber risks, trends, and prioritized remediation actions across critical suppliers and services.
Strong partnerships across first, second, and third lines of defense and positive outcomes in regulatory and audit engagements.
ESSENTIAL DUTIES AND RESPONSIBILITIES
Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.
This role leads the strategy, governance, and delivery of Truist's cybersecurity third-party risk managementFunction. Responsibilities will evolve as the Function scales and matures.
Architect and lead the transformation of the Cyber Third-Party Risk Management (CTPRM) operating model, embedding agentic AI, automation, and intelligent workflows to significantly improve scalability, speed, and risk insight.
Drive a culture of automation and innovation-challenging legacy processes, reducing manual effort, and continuously identifying opportunities to apply AI and emerging technologies to improve program effectiveness.
Own the cyber contract deviation (exception) governance process-including intake, risk analysis, decision support, approvals, documentation, and ongoing monitoring/expiration, in partnership with Legal.
Build, lead, and continuously improve the third-party cybersecurity assessment activities(methodology, scoping, testing/evidence standards, quality assurance) and drive timely remediation of identifiedThird Party Sub-Issuesand risks.
Leverage agentic AI, technology, data, third-party intelligence, and strategic partners to scale assessment throughput, improve risk signal quality, and increase automation where appropriate.
Partner with BISOs and business leaders to integrate cyber third-party risk into business decisions, onboarding, change management, and ongoing Third Partyperformance/risk reviews.
Hire, develop, and retain a high-performing team of cybersecurity andthird-party cybersecurity risk professionals; set clear goals, coaching, and a strong culture of accountability and collaboration.
Partner with second line Risk to align oversight expectations, strengthen issue management, and reduce Truist's exposure to cyber supply chain and concentration risk.
Establish strong cross-functional working relationships and alignment across TPS, EnterpriseTPROF, Technology, Procurement, Legal, and business stakeholders, embodying a "we deliver together" culture.
Support regulatory exams and internal audit engagements related to information security and third-party cybersecurity risk; ensure timely, accurate responses, sustainable remediation, and strong control evidence.
QUALIFICATIONS
Required Qualifications:
The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
1. BS IT/ Computer Science / Cyber Security, MIS, Economics, Finance, Operations Management, or a related discipline. MBA or related graduate degree a plus.
2. 15+ years professional experience in top 10 USA banks or other financial institution, consulting firm, and/ or software company, preferably within a merger/acquisition environment with significant transformational change with people, process, and technology.
3. 10+ years information security and third-party security threat and risk assessment and management experience, including using industry frameworks such as ITIL, COBIT, NIST CSF, CIS RAM, MITRE.
4. 2+ years' experience with digital banking deployed on public cloud platforms and (strong plus) leveraging artificial intelligence technologies.
5. Broad knowledge of Information Security frameworks (e.g., NIST, FFIEC), regulations (SOX, GLBA, NYDFS), functions (Anticipate, Protect, Detect, Respond) and information security controls.
6. Expertise working across IT and business functions and with second and third lines of defense, and regulators.
7. Demonstrates strong relationship management skills.Proven ability to quickly build trust and rapport with others in order to structure problems, build consensus, and negotiate agreement.
8. Proven ability to manage large, deadline-driven projects in a way that reduces risk, ensures predictable results, meets or exceeds its timeline.
9. Thrives in a fast-paced environment, can think and act both tactically and strategically.
10. Exhibits high degree of creativity, self-motivation, and commitment to task.
11. Ability to create a strong network of relationships among peers, internal partners, external constituencies, and decision makers to deliver end products.
12. Experience preparing materials for and comfortable presenting to executive management.
13. Excellent written and oral communication skills.
14. Strong coordination, influencing and negotiation skills.
15. Excellent risk-based judgement and decision making
16. Passionate about building world-class Information Security programs.
The annual base salary for this position is $220,000 - $265,000
General Description of Available Benefits for Eligible Employees of Truist Financial Corporation: All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position.Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays. For more details on Truist's generous benefit plans, please visit our Benefits site. Depending on the position and division, this job may also be eligible for Truist's defined benefit pension plan, restricted stock units, and/or a deferred compensation plan. As you advance through the hiring process, you will also learn more about the specific benefits available for any non-temporary position for which you apply, based on full-time or part-time status, position, and division of work.
Truist is an Equal Opportunity Employer that does not discriminate on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status, or other classification protected by law. Truist is a Drug Free Workplace.
EEO is the Law E-Verify IER Right to Work
About Truist
Sourced by ZipRecruiter
Truist is combining distinctive personal service with investments in innovation to create transformational client experiences. We believe the unique blend of human touch and innovative technology will set us apart, instill confidence, and build deeper levels of trust with our clients
Industry
Finance and insurance
Company size
10,000+ Employees
Headquarters location
Charlotte, NC, US
Year founded
2019