Analyst, Senior GRC Information Security Analyst jobs in United States

Banc of California · 8 hours ago

Analyst, Senior GRC Information Security Analyst

Banc of California is a premier relationship-based business bank focused on providing banking and treasury management services. The Senior GRC Information Security Analyst will be responsible for the overall security posture of the bank, ensuring compliance with regulations and managing governance, risk, and compliance programs.

Banking · Finance · Financial Services
H1B Sponsor Likely

Responsibilities

Contribute to the development, management, and ongoing improvement of the Information Security risk program, compliance initiatives, and overall security risk posture
Partner with senior management to design and implement maturity strategies and operations into the Information Security GRC team
Lead critical control activities with stakeholders across the business, quantifying risk, evaluating mitigations, and driving actions to measurably reduce risk
Conduct regular risk assessments to identify potential threats and vulnerabilities across the organization, analyzing their impact and likelihood of occurrence
Generate reports on risk assessments, compliance status, and control effectiveness to communicate findings to stakeholders at various levels within the organization
Establish and contribute to risk and compliance activities with an eye toward continuous controls monitoring automation
Validate that information security requirements are built into architecture and new technology projects
Maintain the Information Security risk register and report monthly to appropriately address key risk areas
Conduct technical security posture reviews for annual vendor monitoring and re-assessment processes for new and existing vendors
Provide support to the Information Security Incident Response team during cyber/privacy incidents
Support internal and external audits by providing documentation and supporting evidence of compliance
Support policies and procedures maintenance aligned with in-scope security frameworks, regulations, and internal standards to manage identified risk effectively
Prepare detailed reports for senior leadership, including KRI and KPI
Act as a mentor, advisor, and escalation point for team members and stakeholders
Treat people with respect; keep commitments; inspire the trust of others; work ethically and with integrity; uphold organizational values; accept responsibility for own actions
Demonstrates knowledge of and adherence to EEO policy; shows respect and sensitivity for cultural differences; promotes working environment free of harassment of any type
Follows policies and procedures; completes tasks correctly and on time; supports the company’s goals and values
Performs the position safely, without endangering the health or safety of themselves or others, and will be expected to report potentially unsafe conditions. The employee shall comply with occupational safety and health standards and all rules, regulations and orders issued pursuant to the OSHA Act of 1970, which are applicable to one’s own actions and conduct
Performs other duties and projects as assigned

Qualification

GRC · Cybersecurity · Risk Management · Compliance Programs · Technical Knowledge · Analytical Skills · Project Management · Communication Skills · Interpersonal Skills · Problem-Solving

Required

Bachelor's degree in information systems, engineering, business, risk management, or related field; and related certifications (e.g., CRISC, CISSP, CISS, CISM, CISA, Security+, CEH, GSEC)
5+ years of experience in GRC, security, risk management or related fields, particularly in highly regulated industries such as financial, professional services, or government, with expertise in navigating complex regulatory requirements
High technical knowledge across Cybersecurity domains, including Security Operations, Incident Response, Security Engineering, Cloud Security, Artificial Intelligence (AI), Data Security, Configuration Management, Log Generation, Security Risk Assessments/testing methodologies, Secure Software Development Lifecycle, evaluating the adequacy and efficiency of internal controls
Expert knowledge of GRC frameworks and regulations (e.g., PCI-DSS, GDPR, CCPA, GLBA, NIST, ISO 27001)
Strong knowledge in OWASP, CIS and/or other security standards and secure configuration baselines
Experience developing and implementing GRC framework, policies and procedures
Excellent analytical skills with the ability to assess complex risks and develop effective mitigation security strategies
Proven ability to lead and manage projects, including coordinating cross-functional teams and delivering results on time
Ability to adapt to a fast-paced and dynamic environment, with a focus on continuous improvement and innovation
Ability to work on multiple GRC projects simultaneously
Excellent communication and interpersonal skills

Benefits

You will be eligible to participate in the company’s 401k plan which includes a company match and immediate vesting.
We offer comprehensive insurance options including medical, dental, vision, AD&D, supplemental life, long-term disability, pre-tax Health Savings Account with employer contributions, and pre-tax Flexible Spending Account (FSA).
Banc of California partners with providers that offer adoption, surrogacy, and fertility assistance as well as paid parental leave and family support solutions including care options for your family.
Eligible team members receive paid vacation days, holidays, and volunteer time off.
To support career growth of our team members, we offer tuition reimbursement, an annual mentorship program, leadership development resources, access to LinkedIn Learning, and more.

Company

Banc of California

Banc of California provides full-service banking and home lending to individuals and their businesses and families.

H1B Sponsorship

Banc of California has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by the US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2025 (5)
2024 (1)
2023 (1)

Funding

Current Stage
Public Company
Total Funding
$20M
Key Investors
Patriot Financial Partners
2013-12-05 · Post-IPO Equity · $20M
2002-08-23 · IPO

Leadership Team

Ken McMullen
Treasurer
Company data provided by Crunchbase