At a Glance
- Tasks: Join us as an IT Risk Analyst I, assessing and managing technical risks for our bank.
- Company: First Interstate Bank is dedicated to community service and employee well-being.
- Benefits: Enjoy generous PTO, student debt repayment, and a 401(k) with a 6% match.
- Why this job: Be part of a team that values learning, growth, and making a real impact.
- Qualifications: Bachelor's degree and 1-3 years in IT security or risk management required.
- Other info: Work in a supportive environment with opportunities for professional development.
The predicted salary is between 28800 - 48000 £ per year.
**If you are a current FIB employee, please apply through the Career Worklet in the Employee Portal. This position can be located at Boise, ID, Bend, OR, Omaha, NE, Sioux Falls, SD and Great West Center in Billings, MT. What\’s Important to You We know your career is just one aspect of a meaningful, complex, and demanding life. That\’s why we designed our compensation and benefits package to provide employees and their families with as much choice as possible. Generous Paid Time Off (PTO) in addition to paid federal holidays. Student debt employer repayment program. 401(k) retirement plan with a 6% match. The health and happiness of the places we call home matter to us. Learn a little more about what we do for the communities we serve , and why we want YOU to be a part of it. We encourage you to apply. Reach for what you want and tell us why your work ethic and willingness to learn make you a natural fit for #TeamFirstInterstate. SUMMARY The IT Risk Analyst I is responsible for guiding, identifying, and measuring informational and technical risks within First Interstate Bank\’s (FIB) infrastructure or related third parties. This position will be responsible for performing test work to validate system and application security configurations to meet industry and FIB architecture and security standards, as well as establishing and leveraging risk metrics and dashboards to continuously assess and report on technical risk. This IT Risk Analyst I position will focus on supporting IT Risk Management practices, primarily focused on assessment and monitoring of IT and security risk for third party vendors. This position will also be responsible for the performance of additional IT Risk Management practices, such as targeted security assessments and monitoring of security metrics. ESSENTIAL DUTIES AND RESPONSIBILITIES Researches and evaluates proposed new technologies and platforms to ensure the appropriate technical security controls are specified in the requirements and are in alignment with the security reference architecture and security controls framework. Provides security consulting on projects to ensure solutions are designed in accordance with security architecture and that security configurations are properly implemented. Performs technical security assessments and targeted risk assessments against FIB\’s existing infrastructure and products to ensure compliance with policies, standards, regulatory requirements, and industry best practices. Monitors and matures the risk-based IT security metrics, scorecards, and dashboards to measure cybersecurity performance and the effectiveness of IT risk management practices. Identifies and documents IT gaps and/or deficiencies arising from targeted risk assessments and other risk identification activities. Assesses and assigns risk ratings based on likelihood and potential impact; communicates deficiencies with key IT stakeholders. Performs root cause analysis for IT gaps and/or deficiencies and collaborates with IT stakeholders for timely remediation plan development and implementation. Performs independent validation and proactive monitoring of IT gaps and/or deficiencies through resolution. Works with various groups during product upgrades or new product design to ensure security best practices are implemented. Performs technical reviews of third-party cyber and information risk. Researches emerging technologies in support of security enhancement and development efforts. Provides policy governance, ensuring IT policies and standards are compliant with regulatory requirements, industry best practices, and ensures effective communication across FIB. QUALIFICATIONS To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. KNOWLEDGE, SKILLS AND ABILITIES Knowledge of concepts and principles in information security functional areas such as cloud security, firewalls, and identity and access management. Strong understanding of industry standard security frameworks, security controls, and compliance frameworks, such as NIST 800-53, NIST CSF, CIS, COBIT, and FFIEC. Remains up to date with emerging threats, best practices, and relevant frameworks, guidance, and legislation. Strong oral, written, and interpersonal communication skills resulting in the ability to interface with managers and staff at all levels within the organization. Ability to influence peers, colleagues, and managers to take action on complex, technical, or sensitive security topics. Capable of managing varied assignments and working independently. Ability to define problems, collect data, establish facts, and draw valid conclusions. Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and concrete variables. Proficient with methods used in performing risk analyses and assessments and measuring cybersecurity compliance. Proficient in maintaining and updating documentation necessary for supporting security environments, including policies, standards, patterns, and reference architectures. Proficient in working with compliance and regulatory program requirements. EDUCATION AND/OR EXPERIENCE Bachelor\’s Degree in a related field required 1-3 years experience in IT security audit, IT risk management, information security, and/or equivalent combination of education and experience required Experience in a financial institution preferred LICENSES AND CERTIFICATIONS Certified Information Systems Security Professional (CISSP) preferred Certified Information Systems Auditor (CISA) preferred Certified in Risk and Information Systems Control (CRISC) preferred Certified Information Security Manager (CISM) preferred PHYSICAL DEMANDS AND WORKING ENVIRONMENT The physical demands and work environment are representative of those that must be met or encountered to successfully perform the essential functions of the job. In compliance with the Americans with Disabilities Act, the company provides reasonable accommodation to qualified individuals with disabilities and encourages both prospective and current employees to discuss potential accommodations with the employer. Dexterity of hands/fingers to operate computer keyboard and mouse – Frequently Lifting – Occasionally (up to 50 lbs) Sitting – Frequently Standing – Occasionally Noise Level – Moderate Typical Work Hours – M-F (8-5) Regular and Predictable Attendance – Required **If you are a current FIB employee, please apply through the Career Worklet in the Employee Portal. #J-18808-Ljbffr
Third Party IT Risk Analyst I employer: First Interstate Bank
Contact Detail:
First Interstate Bank Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Third Party IT Risk Analyst I
✨Tip Number 1
Familiarise yourself with the specific security frameworks mentioned in the job description, such as NIST 800-53 and CIS. Being able to discuss these frameworks in detail during your interview will demonstrate your knowledge and commitment to the role.
✨Tip Number 2
Network with current employees or professionals in the IT risk management field. Engaging with them on platforms like LinkedIn can provide you with insights into the company culture and expectations, which can be invaluable during your application process.
✨Tip Number 3
Prepare to discuss real-world examples of how you've identified and mitigated IT risks in previous roles. This practical experience will help you stand out and show that you can apply your knowledge effectively in a real-world setting.
✨Tip Number 4
Stay updated on the latest trends and emerging threats in cybersecurity. Being able to speak about current events or recent breaches during your interview will showcase your passion for the field and your proactive approach to learning.
We think you need these skills to ace Third Party IT Risk Analyst I
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in IT security, risk management, and compliance frameworks. Use keywords from the job description to demonstrate that you meet the qualifications.
Craft a Compelling Cover Letter: In your cover letter, explain why you're passionate about IT risk management and how your skills align with the responsibilities of the role. Mention specific experiences that showcase your ability to assess and manage risks.
Showcase Relevant Skills: Emphasise your knowledge of security frameworks like NIST and CIS, as well as your communication skills. Provide examples of how you've influenced teams or managed projects related to IT security.
Proofread Your Application: Before submitting, carefully proofread your application for any spelling or grammatical errors. A polished application reflects your attention to detail, which is crucial in IT risk management.
How to prepare for a job interview at First Interstate Bank
✨Understand the Role
Make sure you thoroughly understand the responsibilities of a Third Party IT Risk Analyst I. Familiarise yourself with key concepts like risk assessment, security frameworks, and compliance standards relevant to the role.
✨Showcase Relevant Experience
Prepare to discuss your previous experience in IT security audit or risk management. Highlight specific projects where you successfully identified and mitigated risks, especially in a financial institution setting.
✨Demonstrate Communication Skills
Since the role requires interfacing with various stakeholders, practice articulating complex technical concepts in simple terms. Be ready to explain how you've influenced peers or managers on security topics in the past.
✨Stay Updated on Industry Trends
Research current trends and emerging threats in information security. Being knowledgeable about recent developments will show your commitment to the field and your ability to adapt to new challenges.