Information Security Officer

About The Position

Requirements

• 5-10 years information and physical security experience.
• 2-3 years leadership/managerial experience.
• Bachelor's Degree in Information/Cybersecurity, Computer Information Systems, Computer Science, Information Technology Management, Network Management Systems, or related work experience.
• Knowledge and experience with regulatory bodies including FFIEC, FDIC and banking regulations such as, but not limited to PCI, GLBA, NIST and Cybersecurity.
• Certifications in or willing to obtain certification in CISSP, CISM, or CISA or equivalent recognized industry certifications.
• Ability to: communicate effectively (written and verbally), maintain confidentiality, work with speed and accuracy, grasp technical information quickly, and work independently and as a team member.
• Attention to detail and ability to work well in teams and individually.

Responsibilities

• Develop and maintain the company's information security program, ensuring compliance with all regulatory guidance and information security best practices. This includes policies and procedures aligned with the bank’s information security program as well as ownership of the information security risk assessment for the bank.
• Maintain, coordinate, and support the bank's enterprise-wide disaster recovery and business continuity plan, including periodic testing. Key contributor and leader in any Incident Response Team issue, including documentation of any information security related incident.
• Establish and monitor KRIs related to information security to align with the bank’s ERM framework and risk appetite. Participate and contribute reports, projects and findings at management’s Tech Risk Committee quarterly, and present the annual Information Security Program at Board Risk Committee annually.
• Maintain compliance with applicable privacy laws including GLBA, HIPAA, PCI, etc.
• Proactively monitor, evaluate, and implement best practices related to enterprise information security. Provide internal guidance on emerging threats.
• Ensure completion of daily reviews of security logs and reports; ensure appropriate follow-up action is taken.
• Evaluate effectiveness of information security programs of third-party software, hardware, and service providers.
• Oversee user access provisioning for all company systems.
• Lead the Information Security and Physical Security Team(s), including recruiting, hiring, training, and performance management.
• Work closely and collaborate with the Technology Services department to protect information assets through appropriate tools. Coordinate project timelines, resources and outcomes for any new information security initiatives with Technology Services.
• Respond to relevant audit and examination requests, manage resolutions of any findings.
• Oversee the bank’s information security training and awareness efforts, ensuring employees receive timely, role-based education on security practices and emerging threats.

Benefits

• Medical, dental, vision, STD, LTD, Life insurance, etc.
• 25 days paid time off, 11 paid holidays and bereavement leave
• Education Assistance Program
• Paid Parental Bonding Leave
• Wellness benefits
• Life event coverage
• Service awards
• Financial benefits including 401(k) match, stock purchase plan, short-term incentives and long-term equity earning opportunities
• Logo wear discounts
• Free checking account, checks and discounted bank services