Director - Operational Risk, Cybersecurity

Description

Director, Operational Risk Management Oversight – Cybersecurity Risk

Citizens is hiring a Director to join our Operational Risk Management Oversight team with a focus on cybersecurity risk. This leadership role provides independent oversight, review, and challenge of cybersecurity-related risks across the enterprise. You will collaborate with senior stakeholders to ensure material risks are well defined, effectively managed, and aligned with regulatory expectations. Strong knowledge of emerging technology risks, cybersecurity standards, best practices, and U.S. regulatory requirements is essential.

Key Responsibilities
• Lead a team of three providing independent oversight and challenge of cybersecurity risk management activities within the first line of defense. Evaluate formal risk program activities including Risk and Control Self-Assessments, issues management, controls management, and new business initiative risk assessments.
• Advise first line risk partners on complex risk issues while assessing aggregate enterprise-wide risks. Collaborate across all three lines of defense, escalate emerging risk issues requiring remediation, and drive accountability. Maintain strong relationships with internal stakeholders and regulatory agencies.
• Monitor external trends and regulatory priorities to assess impact on the enterprise risk profile. Partner with stakeholders to implement mitigation strategies.
• Participate in cybersecurity incident response activities to ensure real-time risk assessment and appropriate mitigation. Post-incident, lead or contribute to root cause analysis and recommend next steps.
• Conduct targeted risk assessments on emerging issues to provide independent opinions on enterprise impact.
• Operate within governance structures while identifying opportunities to improve efficiency and effectiveness. Manage policy and program governance and perform assurance activities to assess compliance.
• Engage with business areas to provide domain-relevant advice, monitoring, and credible challenge to ensure the Operational Risk Management Program is effectively implemented.

Required Experience
• 8+ years demonstrated cybersecurity domain expertise
• 4+ years risk management experience in financial services
• Expert knowledge of cybersecurity risks and controls
• Experience in a financial services organization under strong regulatory oversight
• Ability to build and maintain senior executive relationships
• Proven leadership experience managing teams
• Strong decision-making and judgment skills
• Ability to challenge status quo and influence outcomes
• Excellent business writing and communication skills
• Proficiency in MS Word, Excel, PowerPoint, and Visio

Education and Certifications
• Bachelor’s degree required
• Preferred certifications: CISSP, CISM, CISA, CRISC, or other relevant risk certifications

Work Schedule and Location
• Hours per Week: 40
• Locations: Johnston RI, Boston MA, Westwood, MA, Iselin NJ
• Schedule: Monday–Friday

Pay Transparency

The salary range for this position is $175,500-$230,000 per year, plus an opportunity to earn an annual discretionary bonus. Actual pay is based on various factors including but not limited to the work location, and relevant skills and experience.  

We offer competitive pay, comprehensive medical, dental and vision coverage, retirement benefits, maternity/paternity leave, flexible work arrangements, education reimbursement, wellness programs and more. Note, Citizens’ paid time off policy exceeds the mandatory, paid sick or paid time-away policy of very local and state jurisdiction in the United States. For an overview of our benefits, visit https://jobs.citizensbank.com/benefits.

#LI-Citizens2

Some job boards have started using jobseeker-reported data to estimate salary ranges for roles. If you apply and qualify for this role, a recruiter will discuss accurate pay guidance.

Equal Employment Opportunity

Citizens, its parent, subsidiaries, and related companies (Citizens) provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, physical or mental disability, perceived disability or history or record of a disability, ethnicity, gender, gender identity or expression, genetic information, genetic characteristic, marital or domestic partner status, victim of domestic violence, family status/parenthood, medical condition, military or veteran status, national origin, pregnancy/childbirth/lactation, colleague’s or a dependent’s reproductive health decision making, race, religion, sex, sexual orientation, or any other category protected by federal, state and/or local laws. At Citizens, we are committed to fostering an inclusive culture that enables all colleagues to bring their best selves to work every day and everyone is expected to be treated with respect and professionalism. Employment decisions are based solely on merit, qualifications, performance and capability.