Data Privacy & Security Manager

About The Position

Requirements

• Bachelor’s degree in Information Security, Accounting, Cybersecurity, Computer Science or Risk Management related.
• 5+ years of experience working with data security, compliance, Information Technology, IT Audit, and in conducting regulatory research.
• Knowledge of laws and regulations affecting individual privacy, electronic security and/or information technology.
• Familiarity with FFIEC, FDIC, GLBA, FACTA, SWIFT CSP, Fedline requirements
• Broad range of technical knowledge about systems, networks, and telecommunications (SWIFT, CSP, Feldline, DLP).
• Combination of education and experience will be considered.
• Must be proficient in the use of personal computer(s) that utilize a variety of operating systems (e.g., Microsoft Windows XX, Macintosh, linux).
• Must have familiarity of, or the ability to gain a fundamental understanding of prevailing laws such as Federal Trade Commission's Red Flag Rules, Gramm-Leach-Bliley Act (GLBA), BSA, FFIEC.
• Ability to interpret SOC reports, FDICIA, and regulatory guidelines.
• Policy Development & Governance: Creating and maintaining security/privacy manuals.
• Strong project management and policy development skills.
• Must possess strong organizational, analytical, interpersonal, problem solving, written and verbal communication skills.
• Must be able to handle confidential and sensitive information.
• Computer proficient in MS Software, (e.g. Excel, Word, and Outlook).

Nice To Haves

• Experience working in the Banking industry and auditors.
• CISM (Certified Information Security Manager)
• CISA (Certified Information Systems Auditor)
• CISSP (Certified Information Systems Security Professional)
• CIPM or CIPP (Privacy certifications)
• CRISC (Certified in Risk and Information Systems Control)
• CompTIA Security+ or Certified Ethical Hacker (CEH) for technical depth

Responsibilities

• Drive and maintain privacy and information security policies, standards, and annual manual reviews.
• Lead vendor security due diligence, risk scoring, and ongoing monitoring (including AI/vendor risk considerations).
• Perform and coordinate key regulatory/security assessments (e.g., SWIFT CSP, Fedline, GLBA/FDICIA/FACTA reviews).
• Oversee risk assessments for restricted information and ensure timely resolution of security violations.
• Collaborate closely with the CISO & Head of Security, Compliance, IT, and Marketing on incident response, breach notification, and regulatory communications, State and Federal regulators in accordance with legal and policy obligations.
• Prepare clear reporting and presentations for Management and the Board.
• Assist in developing and delivering employee training on privacy and information security.
• Serve as a point of contact for regulatory agencies and internal auditors.