Citizens Financial Group, Inc

Technology Risk Director- CyberSecurity

Citizens Financial Group, Inc$190K — $240K *
Finance & Insurance
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • 10+ years in Cybersecurity/IT, particularly in enterprise settings
  • 10+ years of risk management in financial services, emphasizing cybersecurity and operational risk
  • Strong familiarity with cloud technologies (IaaS, PaaS, SaaS) and DevSecOps
  • Broad understanding of various cybersecurity domains, including network security, identity management, and operational resilience
  • Experience in regulated environments, understanding FFIEC, GLBA, SOX, and related frameworks
  • Exceptional communication skills and executive presence to engage stakeholders at all levels
  • Proven expertise in leadership, coaching, and talent development

Responsibilities

  • Lead and develop a high-performing team of cybersecurity risk professionals
  • Define and enhance the cybersecurity risk management strategy and framework
  • Translate complex cyber risks into actionable business impacts
  • Establish an end-to-end risk management process for continuous monitoring
  • Define key risk indicators and testing strategies to assess risk exposure
  • Act as a strategic advisor on risk mitigation and regulatory compliance
  • Build trusted partnerships with business lines and technology leaders

Benefits

  • Hybrid work model with 4 days onsite and 1 day remote
  • Opportunity for professional development and training
  • Promotes a culture of cybersecurity awareness
  • Engagement with industry-leading practices and frameworks
  • Support for maintaining certifications and further education
Full Job Description
Job Description

As a First Line of Defense Cybersecurity Risk Director within the Enterprise Technology Security (ETS) Risk organization, you will provide strategic leadership in protecting the organization against evolving cyber threats while enabling business innovation. This role is accountable for the design, execution, and continuous maturity of the cybersecurity risk management framework, ensuring cyber risks are proactively identified, assessed, mitigated, monitored, and transparently reported. You will serve as a trusted advisor to senior leadership, translating complex cybersecurity and technology risks into clear business impacts and risk-based decisions aligned to enterprise risk appetite. The role partners closely with Technology, Corporate Security, Legal, Compliance, Risk, Audit, and business leaders to ensure cybersecurity risk strategies are fully integrated with business objectives, regulatory expectations, and enterprise resilience goals. You will also lead and develop a high performing team of cybersecurity risk professionals, fostering a culture of strong risk discipline, constructive challenge, and continuous improvement across the organization.

Key Responsibilities

Leadership & Strategy
  • Lead, coach, and develop a team of cybersecurity risk analysts, principals, and managers, establishing a consistent, scalable, and value driven risk support model across the enterprise.
  • Define and evolve the cybersecurity risk management strategy and operating model, ensuring alignment with enterprise risk appetite, regulatory requirements, and business priorities.
  • Translate cyber and technology risks into business relevant impacts, enabling senior management to make informed, risk-based decisions.

Cybersecurity Risk Management & Oversight
  • Establish and oversee an end-to-end cybersecurity risk management process that enables continuous identification, analysis, assessment, treatment, and monitoring of cyber and technology risks.
  • Define and maintain key risk indicators (KRIs), controls, and control testing strategies to measure cybersecurity risk exposure and control effectiveness.
  • Provide oversight of Risk and Control Self Assessments (RCSAs), Targeted Risk Reviews, business initiative risk assessments, and issue management, ensuring timely remediation and sustainable risk reduction.
  • Maintain visibility into detailed cyber risk assessments, advising business and technology leaders on prioritized mitigation strategies and risk tradeoffs.

Business Partnership & Advisory
  • Act as a strategic risk advisor to business lines and technology leaders, providing day to day guidance on regulatory compliance, risk mitigation, and industry best practices.
  • Advise on new products, processes, technologies, and strategic initiatives, ensuring appropriate risk identification, control design, and governance approvals are in place.
  • Guide business partners through enterprise governance forums and approval processes, ensuring cyber risks are understood, documented, and appropriately managed.

Regulatory, Audit & External Engagement
  • Serve as the primary risk lead for regulatory exams and audits related to cybersecurity and technology risk for assigned products or functions.
  • Partner with Internal Audit, and second line stakeholders, leading exam preparation, responses, and ongoing issue remediation.
  • Ensure compliance with applicable laws, regulations, and supervisory guidance, including FFIEC, GLBA, SOX, and other relevant standards.

Collaboration & Stakeholder Management
  • Build and maintain strong, trusted relationships with business partners, technology leaders, security teams, project stakeholders, and subject matter experts.
  • Collaborate across lines of defense to provide effective challenge while enabling responsible innovation and delivery.
  • Promote a culture of cybersecurity awareness and operational resilience across the organization.


Qualifications - Experience & Skills
  • 10+ years of experience in Cybersecurity and/or Information Technology, with deep exposure to enterprise environments.
  • 10+ years of risk management experience within financial services, preferably in cybersecurity, technology risk, or operational risk.
  • Strong experience with cloud technologies (IaaS, PaaS, SaaS), DevSecOps, web applications, operating systems, databases, and networking.
  • Broad knowledge of cybersecurity domains including:
    • Network and infrastructure security
    • Vulnerability and configuration management
    • Identity and Access Management including Customer Identity
    • API and application security
    • Data protection and cryptography
    • Operational resilience
    • Incident, problem, and change management
  • Experience operating in a highly regulated environment under significant supervisory scrutiny.
  • Solid understanding of internal controls, risk assessments, and governance processes.
  • Working knowledge of FFIEC guidance, GLBA, SOX, and related regulatory frameworks.
  • Familiarity with leading industry frameworks, including Cybersecurity Risk Institute, NIST Cybersecurity Framework, Cloud Security Alliance, NIST 800 53, and ISO 27001.
  • Demonstrated ability to synthesize complex risk data, prioritize mitigation actions, and influence outcomes.
  • Exceptional communication and executive presence skills, with the ability to engage all levels of the organization.
  • Proven leadership, coaching, and talent development experience.
  • Strong project and program management capabilities across multiple stakeholders.


Education & Certifications (Preferred)
  • Bachelor's Degree required; Master's Degree preferred.
  • Professional certifications strongly preferred, including:
    • Certified Information Systems Security Professional (CISSP)
    • Certified Cloud Security Professional (CCSP)
    • Cloud security specialty certification in AWS and Azure
    • Certified Information Security Manager (CISM)
    • Certified Information Systems Auditor (CISA)
    • Certified in Risk and Information Systems Control (CRISC)

Hours & Work Schedule
  • Hours per Week: 40
  • Work Schedule: Monday-Friday
  • Hybrid: 4 days onsite, 1 day remote


Pay Transparency

The salary range for this position is $190,000 - $240,000 per year, plus an opportunity to earn an annual discretionary bonus. Actual pay is based on various factors including but not limited to the work location, and relevant skills and experience.

We offer competitive pay, comprehensive medical, dental and vision coverage, retirement benefits, maternity/paternity leave, flexible work arrangements, education reimbursement, wellness programs and more. Note, Citizens' paid time off policy exceeds the mandatory, paid sick or paid time-away policy of every local and state jurisdiction in the United States. For an overview of our benefits, visit https://jobs.citizensbank.com/benefits .

#LI-Citizens1

About Citizens Financial Group, Inc

Citizens Bank is a financial service company. It provides outstanding local and personalized service. It offers a full range of commercial, real estate, and consumer lending. It is specialized in personal and small business deposit services, electronic services.

Citizens Financial Group, Inc. Careers

Join the dynamic team at Citizens Financial Group, Inc., a leading financial institution where your career aspirations can soar. We are committed to fostering a culture of innovation, leadership, and diversity that supports our employees' professional growth and development.

Explore Job Opportunities

At Citizens Financial Group, Inc., we offer a wide range of job opportunities that cater to diverse skill sets and career interests. Whether you're a seasoned professional or just starting out, you'll find a position that challenges you and enhances your expertise.

Internship Programs

Kickstart your career with our internship programs designed to give you a hands-on experience in the financial sector. Our internships provide a robust platform to develop your skills, engage in meaningful projects, and network with industry leaders.

Employment Benefits

Choosing a career with Citizens Financial Group, Inc. means opting for a comprehensive package of benefits. We believe in supporting our team members not only in their professional lives but also in their personal growth and well-being.

Inclusive Culture and Diversity Training

We pride ourselves on a workplace culture that embraces diversity and inclusivity. Regular diversity training ensures that our team members appreciate and leverage the unique backgrounds and perspectives that each individual brings to the company.

Professional Growth and Leadership Development

Continuous learning is at the core of our professional development agenda. With access to leadership development programs and tailored training, you can advance your career and leadership skills at Citizens Financial Group, Inc.

Innovation at Work

Innovation is key to staying competitive in the financial industry. At Citizens Financial Group, Inc., you’ll work alongside talented professionals who are pushing the boundaries of what’s possible in financial services.

Networking and Career Advancement

Our company not only provides job opportunities but also fosters an environment where networking and professional connections flourish. This supportive network is vital for career advancement and personal growth within the industry.

Join Our Team

Are you ready to take the next step in your career? Explore the open positions at Citizens Financial Group, Inc. and find where your skills and passions align with our needs. We are continuously hiring and looking for new talents to join our robust team.

Stay Connected

Keep up to date with the latest career tips, industry insights, and job openings at Citizens Financial Group, Inc. Subscribe to our careers blog and personalize your job alerts to match your preferences and career goals.

Prepare for Your Interview

Make a great first impression. Prepare for your interview with us by researching our company culture, reviewing your resume, and coming ready to discuss how your experience and skills align with the position you are applying for. At Citizens Financial Group, Inc., we are more than just a financial institution; we are a place where you can make a difference. Join us and transform your career with a company that values your unique talents and aspirations.
Learn more about Citizens Financial Group, Inc
Size
17,463 employees
Market Cap
$19.3 billion
Industry
Net Income
$1 billion
Founded
1828
5 Year Trend
+2.6%
NASDAQ

Similar Jobs

More Jobs at Citizens Financial Group, Inc

More Finance & Insurance Jobs

Find similar Technology Risk Director- CyberSecurity jobs: