Technology Risk Director- CyberSecurity
Citizens Bank, Johnston, RI, United States
Description
As a First Line of Defense Cybersecurity Risk Director within the Enterprise Technology Security (ETS) Risk organization, you will provide strategic leadership in protecting the organization against evolving cyber threats while enabling business innovation. This role is accountable for the design, execution, and continuous maturity of the cybersecurity risk management framework, ensuring cyber risks are proactively identified, assessed, mitigated, monitored, and transparently reported. You will serve as a trusted advisor to senior leadership, translating complex cybersecurity and technology risks into clear business impacts and risk‑based decisions aligned to enterprise risk appetite. The role partners closely with Technology, Corporate Security, Legal, Compliance, Risk, Audit, and business leaders to ensure cybersecurity risk strategies are fully integrated with business objectives, regulatory expectations, and enterprise resilience goals. You will also lead and develop a high performing team of cybersecurity risk professionals, fostering a culture of strong risk discipline, constructive challenge, and continuous improvement across the organization.
Key Responsibilities
Leadership & Strategy
Lead, coach, and develop a team of cybersecurity risk analysts, principals, and managers, establishing a consistent, scalable, and value driven risk support model across the enterprise.
Define and evolve the cybersecurity risk management strategy and operating model, ensuring alignment with enterprise risk appetite, regulatory requirements, and business priorities.
Translate cyber and technology risks into business relevant impacts, enabling senior management to make informed, risk‑based decisions.
Cybersecurity Risk Management & Oversight
Establish and oversee an end‑to‑end cybersecurity risk management process that enables continuous identification, analysis, assessment, treatment, and monitoring of cyber and technology risks.
Define and maintain key risk indicators (KRIs), controls, and control testing strategies to measure cybersecurity risk exposure and control effectiveness.
#J-18808-Ljbffr
As a First Line of Defense Cybersecurity Risk Director within the Enterprise Technology Security (ETS) Risk organization, you will provide strategic leadership in protecting the organization against evolving cyber threats while enabling business innovation. This role is accountable for the design, execution, and continuous maturity of the cybersecurity risk management framework, ensuring cyber risks are proactively identified, assessed, mitigated, monitored, and transparently reported. You will serve as a trusted advisor to senior leadership, translating complex cybersecurity and technology risks into clear business impacts and risk‑based decisions aligned to enterprise risk appetite. The role partners closely with Technology, Corporate Security, Legal, Compliance, Risk, Audit, and business leaders to ensure cybersecurity risk strategies are fully integrated with business objectives, regulatory expectations, and enterprise resilience goals. You will also lead and develop a high performing team of cybersecurity risk professionals, fostering a culture of strong risk discipline, constructive challenge, and continuous improvement across the organization.
Key Responsibilities
Leadership & Strategy
Lead, coach, and develop a team of cybersecurity risk analysts, principals, and managers, establishing a consistent, scalable, and value driven risk support model across the enterprise.
Define and evolve the cybersecurity risk management strategy and operating model, ensuring alignment with enterprise risk appetite, regulatory requirements, and business priorities.
Translate cyber and technology risks into business relevant impacts, enabling senior management to make informed, risk‑based decisions.
Cybersecurity Risk Management & Oversight
Establish and oversee an end‑to‑end cybersecurity risk management process that enables continuous identification, analysis, assessment, treatment, and monitoring of cyber and technology risks.
Define and maintain key risk indicators (KRIs), controls, and control testing strategies to measure cybersecurity risk exposure and control effectiveness.
#J-18808-Ljbffr