The Information Security Supervisor assists the Chief Information Security Officer in establishing and maintaining a corporate-wide information security program to ensure that information assets are adequately protected. This position is responsible for identifying, evaluating, and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the cyber risk posture of the Bank.
In addition, the Information Security Supervisor will take a primary role in overseeing, assigning, leading production, and filing deadlines and targets for the Information Security Department. This position is responsible for quality control reviews for direct reports while collaborating with risk and IT management to ensure the Bank meets the information security goals.
Duties and Qualifications
The duties listed below may not include all responsibilities that the person in this role may be asked to perform. The incumbent may be required to perform other related duties as assigned.
- Assist the Chief Information Security Officer in the overall Information Security Program management
- Supervise the monitoring efforts of the Information Security Department
- Lead all information security risk assessments for the Bank
- Perform appropriate quality control assessments over Information Security Program components
- Perform research as appropriate to provide sound, well-reasoned information security advice and support
- Monitor compliance with GLBA and privacy regulations regarding data confidentiality, transmission, and storage
- Prepare, analyze, and monitor production statistics to meet both production and quality expectations
- Work with auditors and examiners during regulatory compliance audits/examinations
- Participate in job-specific training and other Bank training programs, as necessary
- Comply with all federal and state laws and regulations, and all established bank policies and procedures
- Maintain current knowledge of all information security and cybersecurity best practices, rules, regulations, and laws
- Proactively identify and mitigate IS/IT risks, and assist in the development of periodic reports and dashboards presenting the level of controls compliance and current IS/IT risk posture
- Maintain current knowledge of all rules, regulations, and laws as they apply to BSA/OFAC/USA Patriot Act/CIP/AML, and ensure adherence by the respective department personnel
QUALIFICATIONS
These specifications are general guidelines based on the minimum experience normally considered essential to the satisfactory performance of this position. The requirements listed below are representative of the knowledge, skill and/or ability required to perform the position satisfactorily. Individual abilities may result in some deviation from these guidelines.
- A Bachelor’s degree in Information Security, Information Technology, or a related field, or current progress toward completion of such a degree (relevant work experience may be substituted for the degree requirement)
- Must possess a minimum of 7 years of experience in an Information Security or Information Technology role, with working knowledge of the regulatory environment and applicable banking regulations
- Computer proficiency in Windows, Microsoft Excel, and Word
- Good organizational, interpersonal, and communication skills
- Attention to detail and mental concentration are necessary for accurately performing multiple tasks in a fast-paced environment with frequent interruptions, as well as the ability to meet deadlines and multitask
- Prior project management experience
- Extensive PC knowledge to train and direct employees using applications and operating systems
- Ability to work effectively in a fast-paced environment and meet deadlines
- Knowledge of IS/IT processes and controls and a strong understanding of risk and control frameworks such as FFIEC, COBIT, ISO, NIST, ITIL, and PCI
- Must be able to work flexible hours (Monday - Friday, and occasional Saturdays)