City National Bank of Florida

Welcome page

GRC Automation and AI Specialist Senior

Posted Date 3 months ago(10/15/2025 5:19 PM)
Job ID
2025-5691
Category
Information Technology
Type
Full-Time
Workplace policy
Hybrid

Overview

The GRC Automation and AI Specialist Senior leads efforts to automate cybersecurity and GRC processes using AI technologies to improve compliance efficiency and reduce manual workload. The role exercises discretion and independent judgment to evaluate risks, interpret regulatory requirements, and establish automated control procedures. Responsibilities include conducting security assessments, control testing, issues management, and compliance reporting in alignment with the Bank's internal control framework, regulatory requirements, and departmental policies, while collaborating with auditors and safeguarding sensitive information.
 
Principal Duties & Responsibilities:
  • Design and deploy Artificial Intelligence (AI)/Machine Learning (ML) solutions to automate cybersecurity tasks such as continuous monitoring of security controls, automated evidence collection for audits, and real-time compliance dashboards.
  • Collaborate with GRC, engineering, SecOps, IT operations, and BCP teams to define requirements and ensure scalable, secure, and maintainable AI-driven automation solutions.
  • Develop automated compliance reports and risk metrics for executive leadership, applying AI-driven insights to improve decision-making and reduce operational risk.
  • Apply knowledge of SOX and control testing to identify, assess, aggregate, report, and mitigate current and emerging risk events across cross-functional teams.
  • Coordinate work assignments with process owners, control owners, external auditors, and consultants, ensuring issues are documented, monitored, and resolved.
  • Advise internal stakeholders on internal control design for ongoing risk mitigation of information systems based on regulatory requirements and best practices.
  • Communicate security issues and risks effectively to diverse audiences and ensure compliance with applicable controls based on a unified framework.
  • Identify and correct process gaps proactively, recommending improvements to advance the Bank’s information security program maturity in alignment with company goals.
  • Guide program leaders on risk remediation efforts, ensuring adequacy of response and timeliness based on risk severity.
  • Perform major assignments related to GRC program operations, including evaluation of high-risk processes and applications, strategic planning inputs, and execution of automation initiatives.
  • Work independently on complex programs and assignments with diverse teams and perform other duties as assigned.

Qualifications

  • 2-4 years of applied work experience in data engineering, analytics or integration, cyber security programs, audits, assessments, risk, remediation, or cyber security compliance management.
  • Knowledge of AI concepts (LLMs, prompt design, limitations, hallucinations, etc.)
  • Knowledge of AI governance frameworks (e.g., NIST AI RMF, ISO/IEC 42001)
  • Knowledge of information security management, governance, and compliance principles, practices, laws, rules, regulations, and frameworks such as GLBA, FFIEC, and NIST.
  • Knowledge of IT systems and processes, network infrastructure, data architecture, and protocols.
  • Skill in using AI/ML platforms and automation frameworks, such as Microsoft AI solutions (Power Automate, Copilot Studio) and AI Foundry, for developing agents, workflow automation, and predictive analytics in cybersecurity and GRC environments.
  • Skill in applying cyber and cloud security frameworks, architecture, design, operations, controls, and service orchestration.
  • Ability to develop and manage use cases, including capturing requirements and creating AI-driven solutions.
  • Proficiency in Microsoft Office products (Word, Excel, PowerPoint).
  • Ability to develop and implement enterprise governance, risk, and compliance strategies and solutions.
  • Ability to research and locate information related to internal and external organizations using online and other sources.
  • Skill in security project management and planning.
  • Ability to maintain confidentiality and handle sensitive information appropriately.
  • Ability to troubleshoot and operate computers and various software packages.
  • Ability to define problems, collect and analyze data, establish facts, and draw valid conclusions.
  • Ability to use judgment and ingenuity in maintaining objectives and technical standards.
  • Ability to communicate technical issues effectively to diverse audiences, both in writing and verbally.
  • Ability to apply a risk-based approach to planning, executing, and reporting on audit engagements and auditing processes.
 

Education

  • Bachelor's Degree in in Computer Science, Data Analytics, Engineering or related field, preferred.
  • An equivalent combination of education and/or relevant professional experience may be considered in lieu of a degree.

Certification in any of the following is preferred but not required:

  • Microsoft certifications such as Power Platform Fundamentals (PL-900) or Copilot Studio Applied Skills (APL-7008)
  • CISA (Certified Information Systems Auditor), CRISC (Certified in Risk and Information Systems Control), or CISSP (Certified Information Systems Security Professional).

Special Instructions to Candidates

  • Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities.
  • Please view Equal Employment Opportunity Posters here.
  • The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)
  • Reasonable accommodation may be made to assist individuals with disabilities to complete the online application process. Please contact our Human Resources Department at 305-577-7680 or by e-mail at employment@citynational.com

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed