
Chief Information Security Officer

ExecuNet Attica Full-Time
$82,500.00 (Careerbuilder est.)

Summary:

Responsible for implementation of the Bank's Information Security Program and Vendor Management Program. Responsible for overseeing the testing and monitoring of information security controls for compliance with Bank policies and regulatory requirements to ensure that Bank and customer information is properly secured.

Qualifications:

Education:  Bachelor of Science in Information Security, Computer Forensics or related field. 

Licenses/Certifications:  Certified Information Systems Security Professional ("CISSP"); Certified Information Systems Auditor ("CISA"); Certified in Risk and Information Systems Control ("CRISC"); Certified Information Security Manager ("CISM"); or other equivalent certification required. 

Experience:  At least seven years of experience in information security. Advanced knowledge (able to train and answer complex questions) of GLBA and compliance-related regulatory requirements, and knowledge of applicable banking policies, procedures, laws, and regulations.

Essential Functions:

  • Maintain the Information Security Program and related policies and procedures. Make updates based on regulatory guidance and CISP/IT Steering Committee feedback.
  • Complete the annual Customer Information Security Program Risk Assessment and Report of the Information Security Officer to the Board of Directors, documenting risks, results of audits and assessments, and breaches.
  • Continue to enhance the Information/Cybersecurity awareness programs for employees and customers.
  • Participate in risk assessments that are performed for cybersecurity, critical technologies, applications, or devices that are implemented or revised.
  • Coordinate the Bank's responses to potential data breaches according to the Bank's Incident Response Plan.
  • Participate in the annual review of employee access rights to Bank systems to verify alignment with job responsibilities.
  • Participate in the configuration of all Bank applications to ensure they meet the standards set forth in the Information Security Program and applicable law.
  • Participate in reviewing system logs for the Bank's infrastructure to identify trends. Investigate abnormalities and exceptions to the Bank's Information Security Program.
  • Review system vulnerability and penetration testing and IT audits conducted and ensure findings are sufficiently addressed.
  • Participate in the design and oversight of an Identity and Access Management Program that encompasses all bank applications.
  • Enhance the Vulnerability Management Program by identifying, prioritizing, and tracking vulnerabilities in the environment.
  • Conduct Internal and External Information Security Tabletop Testing.
  • Implement the Bank's Vendor Management Program, including coordination of annual vendor risk assessments and compliance with GLBA. Communicate with management regarding new vendor due diligence. Make policy and procedure revisions as needed.
  • Participate in Business Continuity Plan (BCP) Committee meetings, oversee the BCP updates and Business Impact Analysis, and ensure that annual BCP Testing per the BCP Test Plan occurs and is adequately documented.
  • Stay current with IT-related regulatory guidance and alerts and industry alerts including FS-ISAC information.

Knowledge/Skills/Abilities:

  • The ability to communicate effectively and clearly, both verbally and in writing, as well as to present information to groups of managers, employees, customers, and the general public.
  • Excellent interpersonal skills.
  • Excellent problem-solving skills.
  • Strong knowledge of the business area(s) that are being supported.
  • Self-directed and motivated.
  • The ability to manage multiple tasks.
  • The ability to calculate figures as they relate to accounting processes.
  • Strong leadership skills with the ability to supervise others.
  • Technical writing, to include reports, procedure manuals, articles for publication, training documents, policies and procedures, and legal documents.
  • The ability to read, analyze and interpret financial statements, government regulations, professional journals, etc.
  • Must have the ability to analyze and solve complex problems and develop automated systems.
  • Ability to respond to common inquiries or complaints from employees, customers, regulatory agencies, or members of the business community.
 

Recommended skills

Incident Response
Certified Information Security Manager
Risk Analysis
Information Security
Certified In Risk And Information Systems Control
Business Continuity Planning

Job ID: 592415
