VP, Information Security

Poppy Bank

About The Position

The Vice President, Information Security is a senior-level role responsible for shaping and maintaining the Bank’s cybersecurity posture. This position serves as a trusted advisor to the SVP, Information Security Officer and collaborates across business units, IT, Compliance, and Audit to ensure confidentiality, integrity, and availability of bank systems and data. With minimal supervision, the VP will lead strategic initiatives, oversee critical security platforms, and drive risk reduction efforts.

The VP, Information Security is part of Poppy Bank’s Information Security Team, which proactively maintains our cybersecurity posture. This position will collaborate with business units and work closely with the Information Technology team, various departments, and a variety of vendors that supply the Bank’s layered information security architecture. The incumbent is responsible for daily, weekly, monthly, and quarterly monitoring of information security events and the platforms that generate those events. Platforms include anti-phishing, vulnerability management, patch management, endpoint protection, and data protection, among others. The incumbent will work closely with a Managed Security Provider (MSP), as some of the security platforms are outsourced to an MSP.

The VP assists the ISO in responding to and mitigating threats across the organization. The incumbent will work closely with the Information Security Officer in evaluating emerging threats to the environment, adjusting the security posture accordingly. Researches, evaluates, and implements new cybersecurity platforms while optimizing existing solutions to enhance security effectiveness. The Information Security Team frequently collaborates across the organization in securely deploying new technologies and processes that support the business while protecting the Bank and its customers.

The incumbent will serve as a liaison with the Bank’s Compliance and Audit teams, ensuring close tracking of various audit and exam findings. Where division of duties permits, the incumbent will assist the Information Technology Team in various projects and tasks. Ensures compliance with all Bank policies and procedures, as well as all applicable state and federal banking regulations.

Requirements

  • Minimum 7+ years of progressive experience in information security, with at least 3 years in a leadership or senior advisory role
  • Certifications: CISSP, CISM, CRISC strongly preferred
  • Experience in regulated financial services environment desired
  • Strong understanding of cloud security (AWS, Azure), network architecture, and endpoint protection
  • Deep knowledge of security frameworks (NIST CSF, NIST 800-53, CIS Controls, MITRE ATT&CK)
  • A BA/BS degree in Computer Science or related discipline; or an equivalent combination of experience and education.
  • Proficient understanding of IT concepts and principles, including strong knowledge of networking, server management, firewall, SD-WAN, and virtualization technologies
  • Understanding of the following technologies: PCs, laptops, printers, mobile devices such as Apple iPad, and other peripherals, networking, Active Directory, Exchange, Windows, Microsoft Office, anti-virus / anti-malware software
  • Working knowledge of Windows 10, Server 2016, Server 2019, Office 2019, M365
  • Ability to prioritize and manage multiple tasks to meet deadlines
  • Ability to interact with a wide range of internal staff members and external professionals, including consultants, vendors, auditors, technical staff, and others
  • Intermediate level experience with creating technical documentation
  • Experience of working in a fast-paced, team-oriented environment, with the ability to positively contribute to cross-functional teams
  • Intermediate level knowledge of networking/security solutions including firewalls, IPS, SIEM, LAN/WAN, wireless, VPN, VLANs preferred
  • The ability to learn quickly and adapt to changing requirements

Nice To Haves

  • Certifications: CISSP, CISM, CRISC strongly preferred
  • Experience in regulated financial services environment desired
  • Intermediate level knowledge of networking/security solutions including firewalls, IPS, SIEM, LAN/WAN, wireless, VPN, VLANs preferred

Responsibilities

  • Partner with SVP ISO to define and execute the bank’s information security roadmap; evaluate emerging threats; serve as SME during audits and board reporting
  • Develop and enforce security policies aligned with GLBA, FFIEC, NIST CSF; liaise with Compliance and Audit
  • Oversee monitoring of security controls (email security, remote access, vulnerability management, endpoint protection, DLP); lead incident response; manage MSSP relationships
  • Research and implement advanced security technologies (SIEM, CASB, EDR); drive vulnerability management; report metrics to leadership
  • Mentor junior staff; assist in building a scalable security team
  • Demonstrates a thorough understanding of junior-level responsibilities and provides hands-on support when needed to ensure continuity and team success
  • Implements policies or procedures and tracks compliance throughout the organization with SVP review.
  • Help coordinate audits and exams and track remediation efforts to conclusion
  • Diagnose and research causes of security issues (e.g., misconfigured DNS records, exposed insecure protocols, use of known-vulnerable software, weak ciphers)
  • Collaborate with IT to ensure new product deployments comply with security policies and standards
  • Monitor and report on emerging cybersecurity threats and trends and provide recommendations to internal teams on how to mitigate risks
  • Respond to security incidents and/or policy violations
  • Track and report security metrics and efforts to the Information Security Officer and update the department at weekly Team meetings
  • Identify risks and make recommendations to SVP for proactive preventative measures
  • Perform scheduled software/hardware system checks & upgrades (may involve occasional after-hours work)
  • Support Information Security Analyst with researching, installing, configuring, maintaining, and monitoring cyber security platforms as needed
  • Maintains strong knowledge of the threat landscape and mitigation strategies
  • Document internal processes and procedures related to duties and responsibilities
  • Minimum of 10 CRA volunteer hours per year. Volunteer hours are typically scheduled within business hours. This is compensable time, and mileage is reimbursed
  • Other duties as assigned