Cybersecurity Risk Senior Specialist
Company: Truist Bank
Location: Richmond
Posted on: April 2, 2026
Job Description:
The position is described below. If you want to apply, click the
Apply Now button at the top or bottom of this page. After you click
Apply Now and complete your application, you'll be invited to
create a profile, which will let you see your application status
and any communications. If you already have a profile with us, you
can log in to check status.

Need Help? If you have a disability and need assistance with the
application, you can request a reasonable accommodation. Send an
email to Accessibility (accommodation requests only; other inquiries
won't receive a response).

Regular or Temporary: Regular
Language Fluency: English (Required)
Work Shift: 1st shift (United States of America)

Please review the following job description:

Key contributor to the Truist second
line-of-defense (LoD2) Cyber Security and Fraud Risk team
responsible for independent risk oversight of one or more Cyber
Security/Fraud risk domains within Information Risk management.
Partner with Enterprise Technology teammates and stakeholders in
assigned oversight areas, advise on risk-related topics,
effectively challenge through risk programs, and independently
evaluate technology risk in the Truist environment. Justification
Essential Duties and Responsibilities Following is a summary of the
essential functions for this job. Other duties may be performed,
both major and minor, which are not mentioned below. Specific
activities may change from time to time. 1. Provide independent
risk oversight (i.e. LOD2) for Truist Technology and related
consult to Truist Business Units through the effective
identification, mitigation, monitoring and reporting of technology
risk and other related risks (e.g., operational, compliance) within
Enterprise Technology. 2. Serve as a subject matter expert and
steward of the Information Risk Framework to identify, report and
mitigate information risks. 3. Execute independent assessment and
oversight of the maturity of technology and adequacy of technology
controls to achieve business outcomes for performance, stability,
security and service availability. 4. Strengthen and sustain
proactive risk culture through conducting effective risk focused
management and partnership routines with technology teams and
internal partners. Interface with senior leaders and key partners
across the organization. 5. Review and challenge outcomes of first
line-of-defense risk program execution. 6. Monitor legal,
regulatory, compliance and audit matters for assigned Enterprise
Technology oversight area(s) and ensures timely action. 7. Lead
complex projects that have broad technology and enterprise level
impact with implications and/or resource requirements beyond risk
management. Provide informal leadership to others and serves as a
resource on complex solutions. 8. Comfortable in interdisciplinary,
matrix environments. Use acumen and skills to effectively bridge
business and IT functions seamlessly. Pivot quickly between
advisory consultant and implementation consultant roles.
Qualifications Required Qualifications: The requirements listed
below are representative of the knowledge, skill and/or ability
required. Reasonable accommodations may be made to enable
individuals with disabilities to perform the essential functions.
1. Bachelor's Degree or an equivalent combination of education and
   experience.
2. Ten years of banking, technology, operations or risk management
   experience, including experience working within one or more
   Cyber Risk oversight domains such as VPM, DLP, encryption, IAM,
   network security, security operations.
3. Strong business acumen / knowledge, management experience,
   problem solving, critical thinking, influencing and
   decision-making skills.
4. Experience operating independently and navigating ambiguity to
   deliver value.
5. Excellent interpersonal and communication skills demonstrating
   the ability to establish credibility with all levels of
   management effectively.
6. Demonstrated ability to organize and manage complex initiatives
   and deliver high-quality, executive-level work products.
7. Comfort with data and applying analysis to derive value-add
   insights.
8. Adept with Microsoft Office products.

Preferred Qualifications:

1. Master's degree in Business Administration (MBA) or advanced
   degree in Business Management, Technology or Finance.
2. Familiarity with financial services technology-related laws,
   rules, regulations, and risk management standards (e.g., Federal
   Financial Institutions Examination Council (FFIEC), Control
   Objectives for Information and Related Technology (COBIT),
   National Institute of Standards and Technology (NIST),
   Information Technology Infrastructure Library (ITIL)).
3. Familiarity with regulations applicable to enterprise fraud
   (Reg E, Reg CC, UDAAP, AML) and/or first line experience
   managing fraud-related cases, filing regulatory reports, and a
   deep understanding of fraud vulnerabilities inherent in our
   products & services (e.g., ACH/wire transfers).
4. Familiarity with risk management & governance activities to
   include, but not limited to: policy and framework development,
   leading risk assessments, developing key risk indicators and
   thresholds, and incident response and remediation.
5. Familiarity with enterprise Governance Risk and Compliance
   (eGRC) platforms and tools (e.g., RSA Archer).
6. Professional risk management designations such as Certified
   Fraud Examiner (CFE), Certified Information Systems Auditor
   (CISA), Certified in Risk and Information Systems Control
   (Information Systems Audit and Control Association), and/or
   Project Management certification.

General Description of Available Benefits for Eligible Employees of
Truist Financial Corporation:

All regular
teammates (not temporary or contingent workers) working 20 hours or
more per week are eligible for benefits, though eligibility for
specific benefits may be determined by the division of Truist
offering the position. Truist offers medical, dental, vision, life
insurance, disability, accidental death and dismemberment,
tax-preferred savings accounts, and a 401k plan to teammates.
Teammates also receive no less than 10 days of vacation (prorated
based on date of hire and by full-time or part-time status) during
their first year of employment, along with 10 sick days (also
prorated), and paid holidays. For more details on Truist’s generous
benefit plans, please visit our Benefits site. Depending on the
position and division, this job may also be eligible for Truist’s
defined benefit pension plan, restricted stock units, and/or a
deferred compensation plan. As you advance through the hiring
process, you will also learn more about the specific benefits
available for any non-temporary position for which you apply, based
on full-time or part-time status, position, and division of work.
Truist is an Equal Opportunity Employer that does not discriminate
on the basis of race, gender, color, religion, citizenship or
national origin, age, sexual orientation, gender identity,
disability, veteran status, or other classification protected by
law. Truist is a Drug Free Workplace.