Deputy Chief Information Security Officer

About The Position

Requirements

• A Bachelor's degree in Information Security, Computer Science, or a related field required. 
• Certified Information Systems Security Professional (CISSP) certification required.   
• Minimum 8 years’ experience in an Information Security Management capacity with experience in all security domains and with experience in team management required. 
• Strong writing and grammar, including technical writing, presentation development, and report development for all audience levels.  
• Ability to present to a range of internal, external and customer audiences, including technical and non-technical decision makers, Executive Leadership, and Directors. 
• Ability to read, analyze and interpret industry standards, government regulations, professional journals, etc. 
• Strong leadership in developing and leading initiatives with the ability to supervise others.
• Excellent planning and organizational skills.
• Excellent analytical and problem-solving skills. 
• Proven experience with risk assessments with excellent understanding of application development and technical infrastructure security. 
• Ability to respond to common inquiries or complaints from employees, customers, regulatory agencies. 
• Ability to travel to various locations as necessary.

Nice To Haves

• Additional professional security management certifications such as Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), or other equivalent certification preferred.

Responsibilities

• Provide operational oversight of Information Security team.
• Assist the CISO with Department Program assessments and long-term roadmap.
• Assist the CISO with the development and implementation of Program strategies.
• Develop metrics and measurements to assess Program progress and effectiveness.
• Monitor the emergence of new threats and vulnerabilities, assess risks and impacts and recommend mitigation strategies. 
• Assist the CISO with managing security incident investigations.
• Develop and maintain Information Security governance documentation. 
• Oversee the development and maintenance of Information Security educational initiatives. 
• Oversee the development of monitoring processes related to Information Security controls. 
• Assist with risk management, including conducting risk assessments, vulnerability management, and similar activities. 
• Lead or participate on projects as appropriate, assisting in the development of new or modified products or services, to ensure adequate Program controls are in place prior to implementation and Department deliverables are completed/provided as required.
• Assist the CISO with ensuring regulatory compliance. Assist with the remediation of internal/external audit, examination, and penetration test findings related to the Programs.
• Recommend and assist with Program remediation and improvements to infrastructure, controls, policies and procedures. 
• Stay current with IT-related regulatory guidance and alerts and industry alerts including FS-ISAC information.  Maintain a current understanding of the IT threat landscape for the industry.
• Maintain confidentiality of all investigations, reports and other sensitive information associated with position.

Benefits

• Medical, dental, vision, FSA, HSA options for both part-time and full-time employees. Medical coverage is also offered for domestic partners.
• Paid holidays, vacation, and sick time.
• Retirement benefits that include a 401(k), Profit Sharing, and Employee Stock Ownership Plan (ESOP).
• Training & development opportunities.
• Tuition assistance.
• Community focused volunteer opportunities.
• Award winning wellness program that promotes a solid work/life balance.
• Banking perks and discount programs.