The position is described below. If you want to apply, click the Apply Now button at the top or bottom of this page. After you click Apply Now and complete your application, you'll be invited to create a profile, which will let you see your application status and any communications. If you already have a profile with us, you can log in to check status.
Need Help? (https://www.brainshark.com/bbandt/careers-site-faq)
If you have a disability and need assistance with the application, you can request a reasonable accommodation. Send an email to Accessibility (careers@truist.com?subject=Accommodation%20request)
(accommodation requests only; other inquiries won't receive a response).
Regular or Temporary:
Regular
Language Fluency: English (Required)
Work Shift:
1st shift (United States of America)
Please review the following job description:
Manages Truist's Corporate Cybersecurity Client Identity and Access Management risk management functions. Objective is to harvest, consolidate and conduct deep analysis of all identified CIAM risks across the different risk identification mechanisms, management of the end-to-end lifecycle to determine proper priority, proper risk management treatment of risks, with continuous monitoring, and robust executive and process level reporting. Leads, develops, and executes strategies for identifying, monitoring, and controlling Client Identity and Access Management risks in alignment to FFIEC AAFISS, NIST authoritative sources, the associated External Client IAM standard, and defined authentication controls across the Enterprise to include Digital, Client Contact Center, and Branch.
Essential Duties and Responsibilities: Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.
Leads a strategic process and procedural approach to the consolidation of CIAM risks and the risk treatment lifecycle
Conducts risk analysis of CIAM risks - validation/disposition of risk criteria, condition, root cause and risk rating
Engagement with risk identification process owners to understand their processes and procedures. Use as inputs to the CIAM risk management processes for risk management lifecycle execution
Full ownership of the Client IAM risk management process and procedure
Own monitoring process of risks with robust PowerPoint reporting presentations to all Stakeholder groups within the CIAM operating model
Ownership of the Truist Client Identity Access Management Standard in alignment with FFIEC AAFISS
Facilitation of qualified risks into the formal Issue Management process and/or the Governance Controls Organization, with tracking/reconciliations
May facilitate a team of professional-level individual contributors. Sets the team's direction and communicates individual and team priorities. Manages deliverables for the team against expected results. Makes judgments about priorities and the team's approach to work based on an understanding of how the team contributes to the achievement of broader objectives.
Contributes to the development of cyber governance strategies and manages all aspects of internal and external audits.
Required Qualifications:
The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Five years related experience in end-to-end cyber risk management processes
Deep knowledge of Technology risk management concepts
Risk management evaluation skills
High skilled reporting and PowerPoint presentation skills
Technical writing skills (procedure writing)
Bachelor's degree preferably in computer science, data science, regulatory affairs, business, organizational or compliance law, or financial services
years related experience at a large financial institution performing legal, compliance, or other duties such as risk management and/or project management
Ability to lead projects of moderate complexity and notable risk exposure.
Strong knowledge on cybersecurity risks, frameworks, best practices, and industry/regulatory requirements. Knowledge and experience in use of cyber security governance programs.
Preferred Qualifications:
Master's degree or MBA and 8 years of experience or an equivalent combination of education and work experience
Deep knowledge of FFIEC AAFISS and NIST
Experience interacting with financial services regulatory bodies; preferably Office of the Comptroller of the Currency (OCC), Federal Reserve Board (FRB), FDIC, etc. (laws, rules, regulations, and guidance)
Cybersecurity certifications such as CISA, CISSP
Regulatory Change Management experience
General Description of Available Benefits for Eligible Employees of Truist Financial Corporation: All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position. Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates. Teammates also receive no
. Depending on the position and division, this job may also be eligible for Truist's defined benefit pension plan, restricted stock units, and/or a deferred compensation plan. As you advance through the hiring process, you will also learn more about the specific benefits available for any non-temporary position for which you apply, based on full-time or part-time status, position, and division of work.
Truist supports a diverse workforce and is an Equal Opportunity Employer that does not discriminate against individuals on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status or other classification protected by law. Truist is a Drug Free Workplace.
EEO is the Law (https://www.eeoc.gov/sites/default/files/2022-10/EEOC_KnowYourRights_screen_reader_10_20.pdf)
Pay Transparency Nondiscrimination Provision (https://www.dol.gov/sites/dolgov/files/OFCCP/pdf/pay-transp_%20English_formattedESQA508c.pdf)
E-Verify (https://e-verify.uscis.gov/web/media/resourcesContents/E-Verify_Participation_Poster_ES.pdf)
