Information Risk Management Sr, Analyst

Brief Overview of Position

The Information Risk function serves as the company's second line of defense, responsible for independently assessing and monitoring information risks across the organization. This role supports executive leadership and the Information Risk Management Team by developing, delivering, and maintaining the company's annual compliance training, security awareness, and phishing campaigns. Other key activities include reviewing, validating, and / or independently conducting risk assessments, analyzing the potential impact of identified risks, providing recommendations to mitigate risks, and preparing detailed reports to key stakeholders and decision-making committees (senior, executive and board). The role contributes to other Information Risk functions within the team such as, metrics oversight & reporting, stress test & scenario analysis, and governance document reviews.

Responsibilities

• Develop, deliver, and maintain the company’s information security awareness and training program to reduce the attack surface, empower users to protect information, and reinforce policies and regulatory requirements

• Conduct regular phishing campaigns and simulations, publish timely communications on emerging threats, and manage related metrics and analytics to identify trends and educational needs

• Analyze data from various sources, such as enterprise and technical management systems, security scanning tools, and identity management solutions, to identify and track risk trends

• Aggregate and synthesize data to generate detailed reports for key stakeholders and decision-making committees

• Provide actionable insights and recommendations for risk mitigation strategies

• Ensure all risk management documentation and reports submitted to internal and external auditors and regulators are complete and accurate

• Collaborate with business control offices and risk reporting functions to ensure timely and aligned information risk management reporting

• Develop security policies and procedures to enhance overall security frameworks

• Create charts, graphs, and dashboards to effectively communicate risk levels

• Translate complex data into clear, concise reports for senior management and committees, enabling well-informed decisions regarding the company's overall risk posture and strategy

• Validate and / or independently conduct risk assessments

• Analyze the potential impact of identified risks and provide recommendations to mitigate them

• Implement monthly internal phishing tests

• Conduct follow-up coaching and communications

• Contribute to the Texas Capital Connection newsletter

• Present during National Cybersecurity Awareness Month

• Perform other duties or projects as assigned

Qualifications

• Bachelor’s degree (preferred in Finance, Accounting, Business, or Analytics, Computer Science); or equivalent combination of education, training, experience

• Minimum 7 years in financial services, preferably directly in risk management related to Risk Control Self-Assessment (RCSA), Key Risk Indicator (KRI), internal/external losses, scenario analysis, organizational change management, and/or program strategic design and execution

• Risk Compliance and/or Audit experience, with experience reading, interpreting, tracking, and administrating regulatory and general risk requirements

• Experience with regulators (OCC, FDIC, SEC, FINRA, TDoB) and law enforcement as necessary

• Advanced subject matter expertise

• Knowledge of applicable business and consumer financial services laws and regulations

• Working knowledge of applicable risk management systems

• Strong project management, organizational, and communication skills with the ability to define problems, collect data, establish facts, and draw valid conclusions to inform business decisions

• Strong ability to interact, negotiate, and influence at senior levels throughout the organization

• Strong ability to identify and mitigate risk and provide solutions

• Strong analytical mindset, focused on results with critical thinking, problem-solving, and decision-making skills

• Strong ability to maintain confidentiality and instill trust within the organization

• Strong ability to self-direct and manage competing priorities on concurrent large, complex projects, initiatives and deliverables

The duties listed above are the essential functions, or fundamental duties within the job classification.  The essential functions of individual positions within the classification may differ. Texas Capital Bank may assign reasonably related additional duties to individual employees consistent with standard departmental policy.Texas Capital is an Equal Opportunity Employer.