Cloud Tech Risk Oversight - (SLC - REMOTE)

Cloud Technologies Risk Oversight | Sr. Risk Officer

Zions Bancorporation is seeking an experienced Cloud Technologies risk professional within the Technology and Cybersecurity Risk Oversight team. This individual will be primarily responsible for providing risk oversight of the Bank's cloud technologies and related efforts including underlying policies, processes and technologies. This role requires a broad mix of business, banking process, technical acumen and risk management concepts with the ability to inspire, influence through others while communicating to various levels of the organization.

Responsibilities include assessing and monitoring the quality, direction, and overall strategy of cloud technologies risk management activities, advising on critical risk matters to include cloud security, leading various risk-based initiatives and ensuring alignment with the Bank's risk appetite. The successful candidate will help to drive a risk-focused, disciplined and balanced approach to evaluate and improve the effectiveness and efficiency of risk management, internal controls, and governance processes in a complex technology and business environment.

The ideal candidate for this position is someone who has a strong background in cloud technologies with a focus around Google Cloud, related cloud architecture and security models, and general change management concepts with an understanding or aptitude to quickly learn risk management concepts. A background in quality assurance, design, management, analytics, integration and interoperability is also critical.

Specific responsibilities include the following:

We are looking for a highly motivated, self-starter who will:

• Perform risk oversight of the cloud technologies space identifying gaps in policies, programs, standards, documented controls, and integrations with other business processes
• Advise senior management on identified gaps and proposed remediation efforts
• Serve as a risk advisor on critical projects and initiatives, primarily around cloud technologies
• Perform reoccurring risk assessments and deliver periodic risk reports for senior management
• Participate in first line of defense councils, committees, methodology/standards discussions, change management or other meetings that could involve key risk decisions
• Perform control oversight, which includes providing guidance in the development of technical and process-based controls and evaluating controls to ensure risks are properly mitigated and are operating effectively
• Provide support and guidance in the development and implementation of key risk indicators (KRI's), key performance indicators (KPI's) and service level agreements
• Evaluate alignment with organizational risk programs and tolerances
• Review and validate technical processes to ensure they are adequately designed
• Perform targeted reviews to ensure risks are appropriately identified and mitigated

Job Qualifications:

A combination of education and experience may meet qualifications

Required Skills:

• 8+ years of experience in within one of the following: cloud implementations, architecture, security or related cloud technologies, risk management, technology, or security functions with a minimum of 4 years' experience leading/managing, implementing and/or providing oversight for cloud solutions or functions
• An industry recognized certification in Cloud Architecture or Cloud Security such as: Certified Cloud Security Professional (CCSP), Google Associate Cloud Engineer (GACE), or Google Professional Cloud Architect (GPCA).
• Hands on background, knowledge and skill in managing/leading cloud deployment, migration, or administrative projects, tools, or solutions
• While this role is an individual contributor, strong leadership skills, proven success working with all levels of management, relationship management, strategic thinking, decision making, managing conflict and crucial conversations is critical
• Excellent written and verbal communication skills

Nice to have:

• A Bachelor's degree in computer science, engineering, information management, security, or other technical field(s)
• Familiarity with third-party risk management and operational risk management
• Working practical knowledge of information technology and cybersecurity industry frameworks (NIST, ITIL, COBIT, etc.) is desired
• Certified Risk Management Professional (CRMP), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), Agile or other industry standard certifications focused on technology or cybersecurity
• Experience with technology management, technology governance, risk management, internal audit with an understanding of risk management principles and practices
• Technology and cybersecurity risks acumen
• Banking industry knowledge
• Strong familiarity with Agile methodologies and general project management

Zions Bancorporation is one of the nation's premier financial services companies with total assets exceeding $65 billion. Zions operates under local management teams and distinct brands in 11 western states: Arizona, California, Colorado, Idaho, Nevada, New Mexico, Oregon, Texas, Utah, Washington and Wyoming. The company is a national leader in Small Business Administration lending and public finance advisory services. In addition, Zions is included in the S&P 500 and NASDAQ Financial 100 indices.