Information Security Risk Officer
About The Position
The Information Security Risk Officer is responsible for assessing and applying Information Security Risk knowledge and expertise to assist with Second Line of Defense activities to help strengthen the branch’s information security posture and ensure regulatory compliance. The Information Security Risk Officer enforces the implementation, monitors, and measures the adequacy of control systems in compliance with regulations and the Bank’s internal control framework and is responsible for identifying and reporting risk to local and corporate management and prompting actions to address it. This includes reviewing, analyzing, and testing the proper implementation of physical, operational, and cybersecurity controls.
Requirements
- Skills that include the use of PCs, business software such as MS Office, Google Suite, and a variety of other application software in performing the functions of the position.
- Bachelor's degree in Business Administration, Management Information Systems a plus.
- A minimum of ten (10) years of relevant experience in banking, security, information technology, cyber security, audit, and operational risk is required.
Nice To Haves
- Due to the constant changes in Information Technology, Cybersecurity, and Operational Risk landscape it is recommended that the candidate is diligent regarding keeping themselves updated with the latest trends and industry best practices regarding the indicated job function.
Responsibilities
- Provide guidance and direction to the team, including setting performance standards and supervising performance.
- Identify the developmental needs of subordinates by coaching, mentoring, and giving constructive feedback to improve their knowledge skill.
- Ensure adherence to laws and company policies and procedures and undertake disciplinary actions if the need arises. Ensures the adequacy of the cybersecurity and data protection controls and ensures they are in line with corporate policy, regulatory requirements, as well as best practices.
- Coordinate the implementation and management of the Branch’s Incident Response plans.
- Take part in the management of the Branch's Business Continuity Program.
- Serve as the branch’s designated Security Officer.
- Administers the branch’s physical security program and ensures it adequately protects all clients, vendors, and employees, assists staff, and interacts with members regarding security issues and ensures annual staff training.
- Provide effective challenge of strategy, day-to-day operations, and gap remediation with the goal to ensure adequate cybersecurity controls and methods.
- Provide services to affiliates in a satisfactory manner in accordance with the SLAs established.
- Contributes to the development and completion of the different operational risk mandates such as completing questionnaires, developing Key Risk Drivers and Key Risk Indicators, etc.
- Maintain and manage the Branch's Gramm-Leach-Bliley Act (GLBA) and Identity Theft Prevention programs as well as the Red Flags Rule including risk assessments, staff training, and control testing.
- Create the annual security plan and manage its execution.
- Liaise with the Head Office to develop the security programs.
- Be an active participant in special projects, as necessary.
- Stay current with relevant industry and regulatory standards and best practices via seminars, industry events, training, certifications, and/or licenses.
- Ability to understand, speak (fluently), read, and write English and Spanish
- Ability to write routine reports and correspondence.
- Perform additional duties and responsibilities as assigned by management.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
