Apply on Employer Site

FFB Bank · 5 hours ago

Enterprise Risk Officer II

Fresno, CA

Full-time

Hybrid

Mid, Senior Level

$100K/yr - $140K/yr

5+ years exp

FFB Bank, a dynamic and acclaimed single-branch bank in Fresno, CA, is seeking an Enterprise Risk Officer II. This senior-level risk professional will lead key components of the Bank’s Enterprise Risk Management framework, focusing on IT Risk and Information Security while partnering closely with various stakeholders to identify and mitigate risks.

BankingFinanceFinancial Services

Responsibilities

Performs Information Security Officer (ISO) responsibilities as a governance and risk oversight function within ERM, in alignment with FFIEC, GLBA, and regulatory expectations

Provides second-line oversight of the Bank’s Information Security Program, ensuring appropriate policies, standards, and controls are established and maintained

Partners with the CTO and IT leadership to review cybersecurity risks, security incidents, vulnerability assessments, and remediation activities

Supports periodic Information Security Risk Assessments, ensuring results are documented, reported, and incorporated into the enterprise risk profile

Assists with preparation of Board- and committee-level Information Security reporting, including risk posture, trends, and material issues

Supports regulatory examinations, audits, and inquiries related to Information Security, cybersecurity, and IT risk governance

Ensures Information Security risks are appropriately integrated into ERM programs such as RCSA, Third-Party Risk Management, Incident Management, and DR/BCP

Owns designated ERM functions, including IT Risk and Information Security risk oversight, as assigned by the Director of ERM

Leads the design, execution, and continuous improvement of assigned ERM programs, ensuring technology and cybersecurity risks are appropriately incorporated

Evaluates risk exposures and control effectiveness independently, recommending actions to management and escalating material risks as appropriate

Acts as ERM’s designated representative for Information Security governance, supporting Board, management committees, audits, and regulatory interactions related to IT and cybersecurity risk

Leads enterprise-wide and targeted risk assessments, including inherent risk identification, control evaluation, and residual risk determination

Facilitates risk workshops, scenario analyses, and management discussions across business lines and support functions

Ensures consistency and quality in risk assessment outputs across the organization

Represents ERM in internal governance forums, management committees, and working groups

Prepares and presents ERM materials for senior management and Board-level committees, as delegated

Serves as a key ERM contact for internal audits, external audits, and regulatory examinations, coordinating responses and remediation tracking

Monitors regulatory guidance and industry developments, translating requirements into actionable ERM enhancements

Oversees the development of IT and Information Security risk metrics, KRIs, and dashboards, ensuring clear visibility into cybersecurity posture and emerging technology risks

Provides forward-looking risk insights, trend analysis, and emerging risk identification to support strategic decision-making

Supports risk appetite refinement and alignment with enterprise strategy

Mentors ERM Analysts and Risk Officer I staff by providing technical guidance, reviewing work products, and supporting professional development

Leads or co-leads ERM-related training sessions, tabletop exercises, and facilitated risk discussions

Contributes to succession planning and knowledge transfer within the ERM function

Supports the development and periodic review of ERM policies, standards, and governance documentation

Identifies opportunities to enhance ERM efficiency, automation, and data quality, including effective use of GRC tools

Champions a strong risk culture by promoting accountability, transparency, and proactive risk management practices

Embodies the TRAC Values and Critical Behaviors (Teamwork, Relationship, Authenticity, Commitment) as core principles, using them to guide daily interactions and decision-making

Completes administrative tasks with a sense of urgency, including required Bank Compliance Training. Responds to internal and external inquiries via email, phone, or messaging platforms in a timely and professional manner. Positively represents the Bank through ethical conduct and community involvement

Demonstrates an understanding of and commitment to EEO policies. Fosters a respectful, inclusive workplace by valuing cultural differences, preventing harassment of any kind, and supporting a diverse workforce

Ensures adherence to all Bank policies, procedures, and processes, along with applicable state and federal laws, rules, and regulations, ensuring confidentiality and data privacy while carrying out AML/CFT (Anti-Money Laundering and Countering the Financing of Terrorism) responsibilities specific to the role

Performs duties in an office or home office environment, involving tasks such as writing, typing, speaking, lifting moderate weights, and operating office equipment. The position requires physical activities like sitting, walking, and reaching. Reasonable accommodation can be made for individuals with disabilities to perform essential functions

Travels up to 10%, including but not limited to attending company meetings, training sessions, and corporate events, with travel typically being regional or local based on business needs

Qualification

Risk AnalysisInformation SecurityGovernanceRisk& ControlAnalytical SkillsMicrosoft Office SuiteCommunication SkillsOrganizational SkillsTeamworkInitiativeAdaptability

Required

Minimum 5–8 years of related Risk Analysis or Banking industry experience required

Proficient analytical and problem-solving skills; capable of interpreting complex data and providing meaningful insights

Experience, knowledge and training in financial statement and tax return analysis typically resulting from a combination of education in accounting, financial and/or credit analysis or related areas

Proficiency with Microsoft Office Suite (Excel, Word, Outlook) required

Effective oral, written, and interpersonal communication skills with the ability to apply common sense to carry out instructions, interpret documents, understand procedures, write reports and correspondence, and speak clearly to customers, vendors and employees

Strong organizational and time management abilities with attention to detail

Strong teamwork and relationship skills to lead collaborative efforts, foster alignment, and drive results across teams

Ability to take initiative and impact change within the Bank through consensus building and conflict resolution

Willingness to take on special projects and perform other duties as assigned, beyond core responsibilities, to support team and organizational needs

Commitment to continuous learning and professional development to stay current with industry standards and best practices

Ability to maintain authenticity and integrity in all professional interactions, ensuring trust and credibility with stakeholders

Capable of managing multiple priorities and meeting deadlines in a dynamic environment

Ability to work independently with minimal supervision and as part of a team

Proven ability to adapt to changing priorities and procedures

Current driver's license and a vehicle with appropriate insurance coverage if required to drive while performing assigned duties and responsibilities