Responsible for managing the confidentiality, integrity and availability of enterprise-wide Information Security Programs and systems. Evaluates and recommends improvements to enterprise information security. Also responsible for developing, implementing and administering all segments of the Bank's Security Program, including physical, technical, personnel, procedural and electronic security.
- Initiate, facilitate, and promote activities to create information security awareness within the organization.
- Research information security best practices and integrate these practices into procedures that support information security policies and standards.
- Support information security service delivery projects including training associated with information security product implementations.
- Act as in-house security consultant including performing risk assessments, making policy determinations, and developing security processes.
- Participate as a key member and information security subject matter expert on project teams chartered with the implementation of various security technologies, new and existing applications and other infrastructure projects.
- Oversee and/or review the proper operation and setup of connection security for local area networks, the Bank's Web site and intranet, and e-mail communications.
- Oversee and/or review the security of databases and how data is transferred both internally and externally.
- Oversee and manage the process executed in the event of a security breach.
- Work with the Bank's legal representative and department leaders, ensuring that employees, customers, facilities, assets, records and proprietary information are protected.
- Develop the Bank's Physical Security Program, including physical and procedural security measures for all locations, plans for reducing or eliminating premises liability issues, and site analysis and threat assessment documentation.
- Develop and administer security training programs for all employees.
- Prepare periodic reports for the Audit Committee regarding regulatory compliance with security requirements.
- Conduct investigations as necessary.
- Maintain record of any crimes committed or attempted against the Bank.
- Develop and maintain corporate investigative practices and standards, and investigate all suspected internal and external criminal violations, suspicious incidents and policy violations that may become security issues.
- Act as the Bank's Privacy Officer, responsible for overseeing the Bank's compliance with GLBA and Regulation P.
- Act as the Fraud Officer.
- Responsible for adherence to all compliance programs, including but not limited to, completion of all required and assigned training modules by established due dates.
Knowledge and Skills:
- In-depth technical knowledge of computer workstations and platform operating/application systems.
- Strong knowledge of intrusion detection and prevention techniques.
- Strong knowledge of industry best practices and laws relating to data privacy and protection.
- Knowledge of law enforcement practices as related to security is helpful.
- High level of analytical and problem-solving abilities.
- Ability to conduct research into security issues and products as required.
- Strong organizational, oral communication and project management skills.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
Education and/or Experience:
10+ years of broad hands-on experience with the setup and administration of firewalls, intrusion detection systems, anti-virus software, and data encryption software. 5 years of direct network management experience with devices such as switches and routers. Experience working in a team-oriented, collaborative environment. CISSP or CISA certification. Experience working with, and presenting to, executive-level management. Carries out supervisory responsibilities in accordance with the organization's policies and procedures and applicable laws. Responsibilities include interviewing, hiring, and training employees; planning, assigning, and directing work; appraising performance; rewarding and disciplining employees; addressing complaints and resolving problems.
Responsible for direct supervision of the Information Security Department. This position will be responsible for managing projects, which may include directing and supervising multiple employees at varying levels who are assigned to these projects.