Cybersecurity Risk Manager

Description

Cyber Security Risk Manager

Description:

As a 1 Line Technology Risk – Cybersecurity team member, you will apply your knowledge of cybersecurity regulations, best practices, and maturity opportunities to support our Cybersecurity business function. This is a key role in helping ensure our Cybersecurity team is informed of risks within their domain so that standard and control objectives are met within our risk appetite. The ideal candidate will be able to excel within ambiguity, function independently, all while developing influential relationships to support their customers.

Responsibilities:

• Evaluate effective of controls and escalate as appropriate.

• Support the identification and quantification/qualification of risks with Threat and Vulnerability Management, Vulnerability SDLC, Zero Trust, or the Network Cybersecurity segment(s)

• Manage the governance of issues through their lifecycle, from ideation to validation and subsequent closure

• Execute risk assessments against defined scopes and planned initiatives in alignment with our enterprise risk management frameworks

• Support and execute various processes such as Risk and Control Self-Assessment (RCSA), Exception Management, and assigned business governance groups

• Provide advisory and guidance on control design, cybersecurity standards/policies, metrics, and processes to help meet regulatory or maturity requirements

• Support executive reporting on the health and status of our risk, issues, and control portfolio

• Act as a trusted advisor to your customer, helping work through ambiguity and providing a risk perspective to new challenges or opportunities

• Deliver timely escalation of all issues requiring attention to senior management.

• Work with business segment management to ensure that the overall risk function is effectively supporting strategic goals.

• Collaborate with audit/business segment/corporate risk to address issues with plausible action plans and target dates.

• Must be aware of and keep abreast of credit risk associated with assigned business segment.

• Performs other duties as assigned.

Basic Qualifications: 

• Bachelor’s degree

• Minimum of 5 years of experience in Audit, Compliance, Risk Management or Operational Risk.

• In lieu of a Bachelor’s degree 4 additional years of segment-specific or risk related experience may be considered​

Preferred Qualifications: 

• 2 years’ experience in cybersecurity or related domain

• 2 years’ experience in one or more cloud platforms AWS, Azure, GCP

• 2 years’ experience with deployment pipelines, DevOps, Containers, and API’s.

• 2 years’ experience with threat modeling

• 2 years’ experience with cybersecurity related policy, procedures, or standards governance

• 2 years’ experience with quantitative/qualitative risk assessments

• Excellent communication skills required to negotiate internally, often at a senior level.  

• At least 7 years of experience within the financial services industry

• At least 4 years of experience working at a Category 3 or higher financial institution

• CISSP, CISM, CISA, GIAC, CIPP/US or other security/privacy certifications preferred but not required

• Organized, responsive, and highly thorough problem solver

• Demonstrable cyber risk knowledge based on working in real-world environments & situations.  

Exempt Status: (Yes= not eligible for overtime pay) (No= eligible for overtime pay)

Workplace Type:

Our Approach to Office Workplace Type

Certain positions outside our branch network may be eligible for a flexible work arrangement. We’re combining the best of both worlds:  in-office and work from home. Our approach enables our teams to deepen connections, maintain a strong community, and do their best work. Remote roles will also have the opportunity to come together in our offices for moments that matter. Specific work arrangements will be provided by the hiring team.

Compensation Range:

The compensation range represents the anticipatedlow and high end of the base compensation range for this position. Actual compensation will vary based on various factors including but not limited to location, experience, and education.  Colleagues in this position are also eligible to participate in an applicable incentive compensation plan.  In addition, Huntington provides a variety of benefits to colleagues, including health insurance coverage, wellness program, life and disability insurance, retirement savings plan, paid leave programs, paid holidays and paid time off (PTO). 

Huntington is an Equal Opportunity Employer.

Tobacco-Free Hiring Practice: Visit Huntington's Career Web Site for more details.

Note to Agency Recruiters:  Huntington will not pay a fee for any placement resulting from the receipt of an unsolicited resume.  All unsolicited resumes sent to any Huntington colleagues, directly or indirectly, will be considered Huntington property. Recruiting agencies must have a valid, written and fully executed Master Service Agreement and Statement of Work for consideration.