Skip to main content

Governance, Risk, Compliance (GRC) Specialist Senior

Miami, Florida

Apply Now

The Information Technology (IT) department is a critical part of City National Bank of Florida and is responsible for developing, maintaining, and securing the company's technology infrastructure. Our IT department provides technological solutions to support business operations, enhance communication, and improve productivity. We employ a wide range of professionals, including software developers, network administrators, database administrators, and IT support specialists. These professionals work together to design, develop, deploy, and maintain various technological solutions.

  • Job Type: Full Time
  • Workplace Policy: Hybrid
  • Travel: Minimal (if any)

Success Profile

  • Achiever
  • Collaborative
  • Technologically Savvy
  • Multi-tasker
  • Digitally Savvy
  • Problem Solver

Culture

Our entrepreneurial, win-together team thinks boldly, looks to and learns from each other, and is focused on creating big client successes that lead to big career growth.

“One of the things I love most about being an IT professional at CNB is the sense of purpose and impact that it provides. In today's digital age, technology is at the heart of many businesses and organizations, and being a part of that means that I am helping to shape and improve the world around me. At CNB, we thrive on making this happen. Whether it’s developing new software applications, securing sensitive data, or managing complex systems, being a CNB IT professional allows me to make a meaningful contribution to the lives of our employees daily.”

End User Technology Support, City National Bank of Florida

Governance, Risk, Compliance (GRC) Specialist Senior

Workplace Policy Full Time In Office Job ID 2024-5119 Date posted 10/08/2024
Apply Now
Overview:

The Senior GRC Specialist is responsible for conducting security assessments, control testing, and reporting activities in alignment with the Bank's Internal Controls, regulatory requirements, and departmental policies. This role includes updating and maintaining control matrices and spreadsheets, and making recommendations to management based on findings. The Senior GRC Specialist Senior ensures rigorous compliance with internal controls, regulatory standards, and information security protocols. Plays a crucial role in collaborating with internal audit, external audit firms, and regulatory agencies, providing necessary documentation as required. Additionally, the role assumes the lead in safeguarding all protected information handled by the Bank, demonstrating strong independent judgment and operational oversight.

Principal Duties & Responsibilities:


• Expert knowledge of SOX, Control Testing, and working with cross-functional teams to identify, assess, aggregate, report and mitigate current and emerging risk events.
• Leverage broad experience to coordinate work assignments with process owners, control owners, external auditors, consultants and ensure issues are documented and monitored.
• Expert at negotiating prioritization of risks and performing control testing, document results, and provide updates to the business.
• Partner with internal stakeholders on design of internal controls for ongoing risk mitigation of information systems based on regulatory requirements and best practices.
• Clearly and effectively communicate security issues and risks to diverse audience and ensure compliance with applicable controls based on a unified framework
• Exhibit strategic agility and proactively identify and correct process gaps and improvements to further the maturity of the Bank’s information security program in alignment with company goals and objectives.
• Use best practices and industry knowledge to help guide program leaders risk remediation efforts, ensuring adequacy of response and timeliness based on risks.
• Carries major assignments in conducting business operations, and supports technology in the evaluation of risks and controls, particularly when evaluating the high-risk processes and applications and play an important role in program strategic planning and execution of tasks.
• Perform risk and control effectiveness test while partnering with applications/systems/data Assists in evaluating and supporting document request to facilitate audit engagements.
• Ability to work independently on complex programs and assignments with diverse teams and perform other duties as assigned.
• Instrumental in identifying, developing, and monitoring program metrics and supporting reporting to board committees. Remains current on best practices and technological advancements and acts as the technical resource for security assessment and regulatory compliance.
• Performs other related duties as assigned.


Qualifications:
  • 5-7 years of applied work experience in cyber security programs, audits, assessments, risk, remediation, or cyber security compliance management.
  • Applicable information security management, governance, and compliance principles, practices, laws, rules, regulations, and frameworks such as GLBA, FFIEC and NIST;
  • Information technology systems and processes, network infrastructure, data architecture, data processes, and protocols;
  • Cyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration;
  • Information systems auditing, monitoring, controlling, and assessment process;
  • Incident response management;
  • Risk assessment and management methodology.
  • Proficiency using Microsoft Office software products such as Word, Excel, and PowerPoint.
  • Developing and implementing enterprise governance, risk, and compliance strategy and solutions;
  • Researching and locating information related to internal and external organizations using online and other sources;
  • Security project management and planning;
  • Maintaining confidentiality;
  • Troubleshooting and operating a computer and various software packages;
  • Defining problems, collecting and analyzing data, establishing facts and drawing valid conclusions;
  • Using judgment and ingenuity in maintaining objectives and technical standards;
  • Effectively communicate technical issues to diverse audiences, both in writing and verbally;
  • Apply a risk-based approach to planning, executing, and reporting on audit engagements and auditing process;
  • Handle sensitive and confidential matters, situations, and data;

Licenses & Certifications

  • Certification in any of the following is a plus: CISA, CRISC or CISSP.

Education:
  • Bachelor's Degree in Business Administration, Risk or related field (relevant experience may substitute for the degree requirement)

Special information to candidates:
  • Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities.
  • Please view Equal Employment Opportunity Posters provided by OFCCPhere.
  • The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)
  • Reasonable accommodation may be made to assist individuals with disabilities to complete the online application process. Please contact our Human Resources Department at 305-577-7680 or by e-mail at employment@citynational.com

Apply Now

Explore this location

Learn More
The City National Bank logo on a wall

Community focus, global reach.

Our roots are in Florida’s communities, but our reach is far greater. Bci, our parent company, spans from Chile to China, connecting us to global resources and capabilities.

Learn More
Great Place To Work - Certified, July 2023 to July 2024

Great Place To
Work® Certified

Benefits

  • Medical

    We are proud to offer you a choice of medical plans that provide comprehensive medical and prescription drug coverage. The plans also offer many resources and tools to help you maintain a healthy lifestyle.

  • 401(k)/Retirement Plans

    We don't just want you to have a great career, but a great life, so we provide a comprehensive 401(k) program that provides 100% match up to 5%.

  • Tuition Reimbursement

    We offer you the opportunity to make your educational dreams a reality. We provide financial assistance for undergraduate and graduate studies.

  • Holidays

    As if we don't have plenty of PTO, we also celebrate all national holidays. This perk just keeps on giving: see the list of holidays.

  • Awards & Recognition

    We believe that employee engagement doesn't just happen, you have to make it happen, and we do. Here you will have very strong awards and recognition programs that celebrate the true you.

  • Flex Time

    We are all-in on the office, but understand that working from home has some benefits, so, for some roles we offer the best of both worlds. We have a hybrid work schedule so you can too.