• Job Description

  Req#: 6750

  Description

  SUMMARY: We are seeking a highly skilled and experienced Cyber Risk Analyst to join our financial institution's Second Line of Defense team. This critical role involves providing oversight of threat and vulnerability management programs and spearheading the implementation and management of a cutting-edge cyber risk quantification solution. The ideal candidate will have a strong background in cyber risk management, exceptional analytical skills, and a proactive approach to identifying and mitigating cyber threats. The candidate will provide independent assessment and oversight of the cyber risk practices carried out by the first line of defense. The candidate will ensure that cyber risk is managed in accordance with the risk appetite defined by senior management and promote a strong risk culture through the organization.

  
  

  ESSENTIAL DUTIES AND RESPONSIBILITIES include the following. Other duties and special projects may be assigned.

  • Conducts independent controls testing and vulnerability scans on a regular basis and provide credible challenge to the First Line of Defense on security gaps and weaknesses. Collaborate with the First Line of Defense to ensure timely and effective identification and mitigation of vulnerabilities.
  • Participates in the implementation of a comprehensive cyber risk quantification solution. Continuously monitor and update the cyber risk quantification tool to reflect the evolving threat landscape and organizational changes.
  • Identifies, develops, and reports on key risk indicators (KRIs) to provide insights into the Bank's cyber risk profile.
  • Supports the development and maintenance of security policies, standards, and procedures.
  • Evaluates and recommend cloud security controls and best practices, such as those recommended by NIST CSF and 800-53, CIS, etc.
  • Coordinates with internal and external stakeholders to ensure the timely and effective implementation of security controls and remediation actions.
  • Adheres to and complies with applicable, federal and state laws, regulations and guidance, including those related to anti-money laundering (i.e. Bank Secrecy Act, US PATRIOT Act, etc.).
  • Adheres to Bank policies and procedures and completes required training.
  • Identifies and reports suspicious activity.

  EDUCATION

  
  Bachelor's Degree in Cybersecurity, Computer Science, or a related field

  
  

  EXPERIENCE

  • Minimum 3-5 years of experience in cybersecurity, threat and vulnerability management, or related fields
  • Experience with cybersecurity tools and risk quantification methodologies preferred

  
  

  CERTIFICATES, LICENSES, REGISTRATIONS

  • Professional certifications such as CISSP and CRISC are desirable.
  • Professional certifications such as CCSK, CCSP, or AWS are preferred.

  
  

  KNOWLEDGE, SKILLS AND ABILITIES

  • Understanding of risk management principles, control frameworks (NIST CSF, 800-53), and regulatory requirements.
  • Excellent analytical, communication, and leadership skills.
  • Ability to work effectively in a fast-paced and dynamic environment.

  ADDITIONAL INFORMATION

  • Candidates residing in locations within BankUnited's footprint may be given preference.

  Qualifications

  Candidates residing in locations within BankUnited's footprint may be given preference.

• About the company

  BankUnited provides a full range of online banking solutions, including personal, commercial, and small business financing, checking, savings and lending.

Notice