||Information Security Officer
The Information Security Officer the Bank’s enterprise Information Technology Security initiatives, and identifies vulnerabilities and performs risk assessments on the Bank’s IT function.
The duties listed below may not include all responsibilities that the person in this role may be asked to perform. Incumbent may be required to perform other related duties, as assigned, including cross training across other departments, as necessary.
Develops, maintains and documents IT security programs according to regulatory compliance requirements
- Manages the preparation of the Information Technology Systems Security portion of the Bank’s audits and examinations
- Oversees the management of the IT Security Administrators
- Establishes and promotes information security awareness training
- Manages the hiring, daily activities, coaching, evaluating and counseling of reporting staff
- Participates in job specific training and other various Bank training programs, as necessary
- Maintains current knowledge of internal risk controls and loss prevention, including reporting of suspicious or unusual customer activity per Bank policy, and ensures adherence by the respective department personnel
- Maintains current knowledge and complies with all federal and state laws and regulations and all established Bank policies and procedures, including internal audit controls related to department operations, and ensures adherence by the respective department personnel
- Maintains current knowledge of all rules, regulations, and laws as they apply to BSA/OFAC/USA Patriot Act/CIP/AML, and ensures adherence by the respective department personnel
These specifications are general guidelines based on the minimum experience normally considered essential to the satisfactory performance of this position. The requirements listed below are representative of the knowledge, skill and/or ability required to perform the position in a satisfactory manner. Individual abilities may result in some deviation from these guidelines.
Bachelor’s degree in Computer Information Systems or a related field
- Five years of banking experience, including three years of experience in information systems security management, using Windows NT/2000 and network security
- Strong knowledge of IP networking, networking protocols and understanding of security related technologies, including encryption, Ipsec, VPNs, firewalls, proxy services, DNS, electronic mail and access lists, Internet, web, application and network security techniques
- Extensive knowledge of information, computer system architecture and communications security principles
- Experience in the development of information security policies, intrusion response procedures, risk analysis and administering the operations of a complex security infrastructure
- Good written and verbal communication, presentational, organizational and interpersonal skills
- Problem solving and the ability to prioritize tasks
- Experience in developing policies, procedures and project plans
- Skills must include personal computer experience with working knowledge of Microsoft Office Professional
- Visual and mental concentration are necessary for accurately performing tasks, working at computer for long periods of time, working in a fast-paced environment and handling frequent interruptions
- Position requires extended periods of sitting
- Bilingual in English and Spanish is desired
This position reports to the Chief Risk Officer
- This position oversees the IS Senior Analyst
All employees are required to attend scheduled mandatory trainings and complete online regulatory compliance training courses applicable to their specific job function. In all situations, employees must ensure that their actions fully comply with all federal banking laws and regulations, including internal bank policies and procedures.
The Bank’s Mission Statement includes a commitment to helping our communities grow by serving them with pride and integrity. All employees are encouraged to volunteer for bank sponsored activities, civic, charitable and community events and to be active in the communities we serve.