Information Security Risk Analyst

Job Locations
US-CA-San Francisco | US-NY-New York


At First Republic, we care about our people. Founded in 1985, we offer extraordinary client service in private banking, private business banking and private wealth management. We believe that personal connections are everything and our success is driven by the relationships we form with our colleagues and clients. You’ll always feel empowered and valued here. 


Incredible teams doing exceptional work, every day

The Information Security Risk Analyst will support the Information Security risk management process within the Company. The primary responsibilities of the position are to assess adequacy of security and business continuity/disaster recovery controls, evaluate threats and vulnerabilities and calculate the level of current and residual risk and communicate these risks to business units and management.  This is a hybrid position.


Common goals, uncommon potential  
The ideal candidate will be a self-starter and have an inquisitive, analytical mind that constantly looks for solutions to difficult problems.  The analyst must have the ability to convey complicated technology and security concepts to management and ideally has technical knowledge and/or experience in security, networking, systems administration, database administration, architecture or another technical domain.  Alternatively, proficiency in a risk management framework and conducting risk assessments in a regulated environment is desired.


What you’ll do as an Information Security Risk Analyst:


  • Identify, measure, and assess information technology risk by performing risk assessments. This includes both Bank and vendor-hosted solutions, covering multiple aspects of Information Security (e.g. business continuity, disaster recovery, security testing, access, etc.).
  • Understand key concepts such as Confidentiality, Integrity, and Availability in systems and data, and controls needed to achieve them.
  • Develop an overall risk management strategy and recommendations, including identification of security control requirements and control deficiencies for new or existing services, and communicate them with key business stakeholders.
  • Document requirements and deliverables for risk review.
  • Maintain broad knowledge of best practices and trends in the fields of Information Security and Information Technology.
  • Respond to business unit inquiries for consultation and advise on Information Security practices and company Policies.
  • Provide extraordinary service to colleagues and external parties.
  • Other duties as assigned.


You could be a great fit if you have:


  • Minimum 4-year college degree required.
  • Knowledge and / or experience with networking (e.g. LAN, WAN, VPN, routers, firewalls), access systems (e.g. Active Directory, Single Sign On), and infrastructure (e.g. Windows or Linux servers, load balancers, firewalls).
  • Professional certifications relevant to Information Security (e.g., CISSP, CCSP, SSCP, CRISC, CISA, GIAC, AWS), or the ability to gain a certification within 6 months of hire, are preferred.
  • 3 years of information security, information technology, information security audit, or technology risk management related work experience required.
  • Strong writing, communication, and organizational skills, ability to multi-task, strong attention to details, effective and innovative problem-solving abilities, and follow-up skills required.
  • Previous experience with GRC, CMDB, and issue / project tracking tools a plus.


Job Demands:

  • Must be able to review and analyze data reports and manuals; must be computer proficient.
  • Must be able to communicate effectively via telephone and in person.


Own your work and your career — apply now

Are you willing to go the extra mile because you love what you do and how you can contribute as a team? Do you want the freedom to grow and the opportunity to take charge of your own career?  If so, then come join us.


We want hard working team players. You’ll have the independence to learn, lead and drive change. A culture of extraordinary service, empowerment and stability — that’s the First Republic way.


We believe that a diverse range of backgrounds and ideas has and will continue to be fundamental to the future success of First Republic.


If you are curious to learn more about this opportunity, we'd love to hear from you.


This job description is not intended to be all-inclusive. Employee may perform other related duties as assigned to meet the ongoing needs of the organization. The Company is an equal opportunity employer. In this regard, the Company makes reasonable accommodations for qualified applicants and employees with disabilities in order to enable them to perform all essential job functions, unless doing so creates an undue hardship.


First Republic is subject to federal laws that restrict the employment of individuals with certain types of criminal histories, including FDIA Section 19 and FINRA. To the extent not inconsistent with our obligations under those federal laws and regulations, First Republic will consider qualified candidates with criminal histories in a manner consistent with the Los Angeles and San Francisco ban-the-box laws.


For New York City-based roles: Mayor Bill de Blasio announced that, effective December 27, 2021, all private sector employers?in New York City will be required to ensure that their employees are vaccinated against COVID-19 to attend work in the office. Reasonable Medical or Religious Accommodations may be requested if applicable to you. Please view New York’s Guidance on Accommodations for Workers for more information.


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed

Need help finding the right job?

We can recommend jobs specifically for you! Click here to get started.