$190,000–$240,000 Per Year
First Line Of Defense Cybersecurity Risk Director
As a First Line of Defense Cybersecurity Risk Director within the Enterprise Technology Security (ETS) Risk organization, you will provide strategic leadership in protecting the organization against evolving cyber threats while enabling business innovation. This role is accountable for the design, execution, and continuous maturity of the cybersecurity risk management framework, ensuring cyber risks are proactively identified, assessed, mitigated, monitored, and transparently reported. You will serve as a trusted advisor to senior leadership, translating complex cybersecurity and technology risks into clear business impacts and risk-based decisions aligned to enterprise risk appetite. The role partners closely with Technology, Corporate Security, Legal, Compliance, Risk, Audit, and business leaders to ensure cybersecurity risk strategies are fully integrated with business objectives, regulatory expectations, and enterprise resilience goals. You will also lead and develop a high-performing team of cybersecurity risk professionals, fostering a culture of strong risk discipline, constructive challenge, and continuous improvement across the organization.
Key Responsibilities
- Leadership & Strategy
- Cybersecurity Risk Management & Oversight
- Business Partnership & Advisory
- Regulatory, Audit & External Engagement
- Collaboration & Stakeholder Management
Qualifications - Experience & Skills
- 10+ years of experience in Cybersecurity and/or Information Technology, with deep exposure to enterprise environments.
- 10+ years of risk management experience within financial services, preferably in cybersecurity, technology risk, or operational risk.
- Strong experience with cloud technologies (IaaS, PaaS, SaaS), DevSecOps, web applications, operating systems, databases, and networking.
- Broad knowledge of cybersecurity domains including:
  - Network and infrastructure security
  - Vulnerability and configuration management
  - Identity and Access Management including Customer Identity
  - API and application security
  - Data protection and cryptography
  - Operational resilience
  - Incident, problem, and change management
- Experience operating in a highly regulated environment under significant supervisory scrutiny.
- Solid understanding of internal controls, risk assessments, and governance processes.
- Working knowledge of FFIEC guidance, GLBA, SOX, and related regulatory frameworks.
- Familiarity with leading industry frameworks, including Cybersecurity Risk Institute, NIST Cybersecurity Framework, Cloud Security Alliance, NIST 800-53, and ISO 27001.
- Demonstrated ability to synthesize complex risk data, prioritize mitigation actions, and influence outcomes.
- Exceptional communication and executive presence skills, with the ability to engage all levels of the organization.
- Proven leadership, coaching, and talent development experience.
- Strong project and program management capabilities across multiple stakeholders.
Education & Certifications (Preferred)
- Bachelor's Degree required; Master's Degree preferred.
- Professional certifications strongly preferred, including:
  - Certified Information Systems Security Professional (CISSP)
  - Certified Cloud Security Professional (CCSP)
  - Cloud security specialty certification in AWS and Azure
  - Certified Information Security Manager (CISM)
  - Certified Information Systems Auditor (CISA)
  - Certified in Risk and Information Systems Control (CRISC)
Hours & Work Schedule
- Hours per Week: 40
- Work Schedule: Monday-Friday
- Hybrid: 4 days onsite, 1 day remote
Pay Transparency
The salary range for this position is $190,000 - $240,000 per year, plus an opportunity to earn an annual discretionary bonus. Actual pay is based on various factors including but not limited to the work location, and relevant skills and experience.
We offer competitive pay, comprehensive medical, dental and vision coverage, retirement benefits, maternity/paternity leave, flexible work arrangements, education reimbursement, wellness programs and more. Note, Citizens' paid time off policy exceeds the mandatory, paid sick or paid time-away policy of every local and state jurisdiction in the United States. For an overview of our benefits, visit
Required Skills
- Analytical Reasoning
- Business Integrity Management
- Commercial Thinking
- Compliance Management
- Compliance Risk
- Corporate Governance
- Creating Purpose
- Crisis Control
- Cross-Functional Collaboration
- Customer Empowerment
- Customer-Centricity
- Developing Others
- Diversity and Inclusion Practice
- Due Diligence
- Empowering Others
- Fostering Inclusion
- Industry Insight
- Influencing Others
- Innovation
- Monitoring and Evaluation (M&E)
- Motivating Others
- Optimizing People Productivity
- Organizational Knowledge
- Persistence and Tenacity
- Policy Implementation
- Risk Assessment
- Risk Management Framework
About Us
Equal Employment Opportunity
Citizens, its parent, subsidiaries, and related companies (Citizens) provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, physical or mental disability, perceived disability or history or record of a disability, ethnicity, gender, gender identity or expression, genetic information, genetic characteristic, marital or domestic partner status, victim of domestic violence, family status/parenthood, medical condition, military or veteran status, national origin, pregnancy/childbirth/lactation, colleague's or a dependent's reproductive health decision making, race, religion, sex, sexual orientation, or any other category protected by federal, state and/or local laws. At Citizens, we are committed to fostering an inclusive culture that enables all colleagues to bring their best selves to work every day and everyone is expected to be treated with respect and professionalism. Employment decisions are based solely on merit, qualifications, performance and capability.
Job Info
- Job Identification: 46359
- Job Category: Risk & Oversight
- Degree Level: Bachelor's Degree
- Job Schedule: Full time
- Job Shift: 1st
- Locations:
  - One Citizens Bank Way, Johnston, RI, 02919, US
  - 645 East Missouri Avenue, Phoenix, AZ, 85012, US
  - 99 Wood Avenue South, Iselin, NJ, 08830, US
  - 200 Station Drive, Westwood, MA, 02090, US