VP, Information Security Officer
Lead security-related projects of moderate to advanced complexity through the application of skills, tools and techniques that deliver assigned processes and systems in accordance with and/or exceeding stakeholder needs and expectations. Plan and execute security-related activities and resources to ensure that established cost, time and quality goals are met. Act as an advocate for information security awareness and education and ensure user community’s adherence to the established information security policies, procedures, standards, and protocols.
Duties and Responsibilities:
- Define, review and enforce information security policy standards and guidelines for business operations and technology implementations.
- Proactively identify IT security risks with new technology vendors, IT technical software and hardware application implementations and/or business operational processes and procedures. Work with software development teams to define security objectives and guidelines. Conduct vendor risk assessment due diligence.
- Conduct security assessments and audits. Identify security issues and risk, and develop and implement mitigation plans with appropriate business leaders.
- Conduct forensic IT and incident management. Assist with group and/or company-wide IT security matters such as incident response, intrusion detection management and IT security advisories. Participate in incident handling and post-incident assessments as assigned.
- Architect, design, implement, support, and evaluate security-focused tools and services. Analyze and recommend new and emerging security products and technologies. Assess applicability to company operations, perform cost/benefit analysis and prepare and present findings to management.
- Develop and deliver training materials and perform general security awareness and specific security technology training. Evangelize security within the company and be an advocate for customer trust.
- Develop and interpret security policies and procedures. Respond to questions from internal and external teams regarding security policies, processes, and/or procedures. Advise clients as needed on best solution to issue or question.
- Participate in security project implementations, projects that develop new intellectual property, and security compliance efforts (e.g. PCIDSS, SOX).
- Participate in tier 2 and tier 3 security operations support.
- Mentor junior members of the team.
- Perform other related duties as assigned.
- An undergraduate degree in a related field.A graduate degree with a background in information security and business management disciplines is a plus.
- A minimum of 5years information security or network related experience.
- A minimum of at least one of several relevant professional certifications, such as CISSP, CISA, or CISM
- Experience managing projects or programs to achieve information security objectives
- Strong working knowledge and understanding of current technology and regulatory trends affecting financial institution information security programs. A broad based knowledge of technology trends in multiple areas is preferred
- Excellent verbal, written, and interpersonal communication skills
- A team player able to work effectively in a team fostered, multi-tasking environment to ensure security compliance.
- Ability to influence others in a wide range of positions and levels during projects
- Demonstrated ability to analyze security and technology control effectiveness.
The Bancorp is an Equal Opportunity Employer