SVP, Chief Information Security Officer

About The Position

Requirements

• Bachelor's degree in Information Systems, Computer Science, or a related discipline preferred.
• Certified Chief Information Security Officer (CCISO) and Certified Information Systems Security Professional (CISSP) required.
• 10 to 15 years of information system experience preferably in a U.S. bank of $15 billion or greater in asset size with network experience.
• Knowledge and experience in state and federal information security laws.

Nice To Haves

• Information Systems Security Engineering Professional (ISSEP), Certified in Risk and Information Systems Control (CRISC), and/or Certified Information Security Auditor (CISA) a plus.

Responsibilities

• Builds a strategic and comprehensive information security program that defines, develops, maintains and implements policies and processes that enable consistent, effective information security practices which minimize risk and ensure the integrity, confidentiality and availability of information owned, controlled, and processed within the Bank.
• Ensures information security policies, standards, and procedures are up-to-date and consistent with perceived threats to data in all forms.
• Facilitates risk assessments related to information security and risk management with business units.
• Initiates, facilitates, and promotes activities to foster information security awareness within the Bank.
• Creates a culture of cyber security both with IT and driving behavioral changes for the business.
• Evaluates security trends, evolving threats, risks and vulnerabilities and applies tools to mitigate risk as necessary.
• Manages security incidents and events involving electronic protected information.
• Ensures that the disaster recovery, business continuity, risk management and access controls needs of the Bank are addressed.
• Ensures the Bank complies with the administrative, technical, and physical safeguards.
• Collaborates with Senior Management to establish governance for the security program.
• Serves in a leadership role for security compliance.
• Works closely with Compliance to ensure alignment between security and privacy compliance programs including policies, practices, and investigations.
• Responsible for initial and periodic information security risk assessment/analysis, mitigation and remediation.
• Ensures the Bank has audit controls to monitor activity on electronic systems that contain protected information.
• Oversees periodic monitoring and reviewing of audit records to ensure that activity is appropriate.
• Ensures the Bank has and maintains appropriate system use and disclosure/confidentiality statement.
• Oversees, develops and/or delivers initial and ongoing security training to the workforce.
• Establishes and administers a process for investigating and acting on security incidents which may result in a privacy breach.
• Maintains current knowledge of applicable federal and state security laws, licensing, and certification requirements and accreditation standards.
• Serves as information security consultant to all departments for all data security related issues.
• Assists with overall technology planning.

Benefits

• $250,000.00 - $300,000.00 / year Pay determined based on job-related knowledge, skills, experience, and location.
• This position may be eligible for a discretionary bonus.