IT Security Program Officer

Job Description
Responsible for the Bank's IT security program, oversight as well as day-to-day maintenance of IT security functions including risk assessments, security reports, vulnerability management program, user permissions management, and business continuity planning and maintenance.

ESSENTIAL DUTIES & RESPONSIBILITIES

• Serve as IT liaison for federal examiners, external and internal auditors
• Responsible for ongoing development of IT Risk Assessments, Continuity Planning and documentation
• Align IT security goals with FFIEC standards and the NIST Cybersecurity Framework
• Annually review, and administer FFIEC Cyber Security Self Assessment Test (CAT) and Ransomware Self Assessment Test (R-SAT)
• Developing and administer ongoing program for data leakage prevention & protection (DLP)
• Review key systems daily for IT security exceptions: vulnerability scanning, antivirus, data backup, replication. Report exceptions to management
• Oversee the bank's incident response program
• Responsible for vulnerability management program including asset and vulnerability discovery, risk prioritization, patch management reporting, remediation and exception tracking. Provide monthly report to IT management
• Responsible for monthly security assessment of network perimeter systems and the testing of externally facing assets
• Responsible for software asset management including the tracking of the purchase, utilization, version upgrade, and disposal of software applications
• Responsible for user permission management and permission reviews with lines of businesses.
• Responsible for reviews of application access and privileges with lines of business
• Responsible for assembling the business continuity and disaster recovery documentation. Maintain and distribute the written BCP/DR plan to line of businesses
• Schedule and report on business continuity testing as determined by the BCP testing matrix
• Support IT risk assessments data and documentation collection and assist with IT risk assessments.
• Administer and monitor social engineering testing; provide monthly reports to the supervisor.
• Coordinate cybersecurity education to end users.
• Perform additional duties as requested, needed or assigned.

Experience and Skills
JOB REQUIREMENTS

• Understanding of regulatory requirements in order to oversee IT Security Program effectively for the Bank
• Skill in understanding various aspects of information security and related technology concepts
• General knowledge of the Bank's software applications, technological infrastructure, networking and network design, and data processing systems
• Willingness to continue education and pursue cybersecurity certifications
• Strong organizational skills
• Ability to manage multiple concurrent tasks
• Excellent oral and written communication skills
• Must be able to communicate with users with all levels of computer experience
• Ability to adhere to Needham Bank's Core Values (Focus on Customer Relationship, Embrace Change, Work as a Team, Be an Asset to Your Community, Always Learn, and Do the Right Thing)

EDUCATION & EXPERIENCE

• Bachelor's degree in IT Cybersecurity or equivalent work experience
• 4-6 years banking and/or technology cyber security experience
• IT Security certifications preferred (CISSP, CISM, CEH, CCSP)

WORKING CONDITIONS/PHYSICAL DEMANDS

• Must be able to routinely perform work on computer for an average of 6-8 hours per day, when necessary
• Must be able to work extended hours if required or by management
• Must be capable of regular, reliable and timely attendance
• Ability to interact with the staff, co-workers, in a service-oriented manner
• High level of organizational proficiency and ability to multitask successfully

Needham Bank offers a competitive salary and an amazing benefit package for a full-time employee which includes fully paid medical and dental insurance, HRA, 401(k) plan with an 8% bank match, paid time off (PTO), paid holidays, a bonus program, flexible spending accounts, vision service plan, group term life insurance, short and long term disability insurance, tuition reimbursement, and an Employee Assistance Program. We offer a great benefit package to our eligible part-time employees as well.

At NB, we are dedicated to building a diverse, inclusive and authentic workplace - if you are excited about this role, but your past experience doesn't align perfectly with every qualification in the job description, we still encourage you to apply. You may be just the right candidate for this or other roles.

Needham Bank is an Equal Opportunity/Affirmative Action Employer. Needham Bank will provide all applicants for employment and all employees with equal opportunity for employment and promotion regardless of race, color, religion, gender, national origin or ancestry, age, disability, veteran status, military service, sexual orientation, genetic information, or gender identity.