Business Information Security Officer - Financial Services / Remote

About The Position

Requirements

• 10+ years of Information Technology experience, with a background in Security and Compliance.
• 10+ Financial Services Experience
• Experience with financial regulatory requirements
• Detail oriented
• Experience working with external regulatory auditors
• Ability to drive and oversee remediation efforts
• Able to communicate clearly and concisely with both technologist and Senior Leadership
• Ability to adapt to a fast paced environment with frequent changes
• Technical Writing experience
• Client Services background
• Experience with Board Level reporting
• Previous program leadership experience within the banking industry
• Seasoned track record of assessing threat and vulnerability from a business and technical perspective
• Ability to develop and champion pragmatic security solutions that support growth of the business.
• Experience developing a strategic, comprehensive enterprise information security and IT risk and privacy management program
• Experience with supporting customer-facing products, not just internal
• Ability to create a culture of accountability and security
• Service Level Management experience
• Ability to communicate and engage effectively with a diverse audience, including front line technical staff, non-technical staff, management, executives, and vendors/providers
• Self-starter with the ability to lead tasks with demonstrated ability to work independently
• Bachelor’s degree in Computer Science or equivalent degree preferred but not required.

Responsibilities

• Assess client security programs, determining the degree to which people, process and technologies are deployed counterbalancing client’s inherent risk profile to program maturity.
• Develop, drive, and implement client’s overall information security program (goals, objectives, and policies).
• Assist clients to establish and implement consistent security program frameworks and work with business units to implement technical controls in line with cutting edge best in class security and privacy standards.
• Drive domestic and international projects to meet emerging cyber security requirements, data protection and privacy laws.
• Develop and implement approved policies and procedures to ensure information security efforts are properly coordinated and in compliance making recommendations for changes and improvements to reduce the overall security risk.
• Monitor and assess the compliance of the organization with information security policies and procedures, while ensuring third-party compliance.
• Develop incident response plans, data loss prevention and incident response training exercises, serving as the focal point for response process development and implementation.
• Implement ongoing risk assessment programs targeting information security and privacy matters.
• Coordinate and deliver information security reporting and assessments as required by regulatory agencies, clients, and management.
• Work with peers across the company to review customer feedback/ requirements and ensure that security strategy and roadmaps are aligned with the security needs of customers.
• Keep current on latest security and privacy legislation, regulations, alerts, and vulnerabilities.
• Conduct continual research to maintain knowledge of technology, customer needs and overall requirements.
• Participate in client initiatives and projects to ensure that cybersecurity controls are accounted for early within the project and software development lifecycles.

Benefits

• Salary commensurate with years’ of experience, technical expertise and geographic location
• Salary range: $150,000 to $190,000
• Performance bonuses
• Benefits package that includes 100% paid medical, dental and vision for the employee
• 401(k) with employer match
• Strong company culture
• Flexible PTO policy
• Flexible working arrangements
• Annual company overnight retreat