Job Description
Job Details
Description
Looking to join a Great Place to Work Employer and become a valued member of our growing team? At SmartBank, we're not just offering a job; we're inviting you to be a part of a culture built on excellence. In this role, you’ll be responsible for providing oversight and management to protect the information assets of SmartBank and actively work with business partners and service providers to institutionalize a solid security and overall IT governance framework.
Major Duties And Responsibilities
Core Values and Organizational Culture
- Upholds SmartBank Core Values and Purpose.
- Follows the practices outlined in the SmartBank Way, including acting, looking, and being smart.
Security Strategy Development
- Design and implement a comprehensive information security strategy aligned with the organization's business goals and risk appetite.
- Advise management on industry developments in business practice, technology, security issues and legislation that impact the company’s security policy.
- Edit and maintain the IRP and report changes to the appropriate committees.
- Perform ongoing monitoring for the occurrence of security incidents, as well as prioritize resolution and follow up to confirm remediation of issues.
- Develop, maintain, and coordinate the Bank’s Business Continuity Program.
- Develop and deliver organization-wide security awareness programs to educate employees on the best practices and promote a security-conscious culture.
Risk Management
- Lead the information security risk assessments; evaluate, present, and propose remediation solutions to the appropriate oversight committees.
- Maintain information security risk assessments designed to evaluate inherent risks, controls, and residual risks to confidential information and information systems.
- Assess the quality of cyber and information security controls, including physical controls that ensure both physical and logical security, and make recommendations to management for enhancements to address residual risks identified.
Policy and Governance
- Develop, maintain, and enforce information security policies, standards, and procedures to ensure compliance with industry regulations (e.g., FFIEC, NIST, GLBA) and best practices.
- Evaluate newly proposed security policies, partner with other business areas to identify the technology changes required to comply with them, and provide recommendations to management.
- Partner with business lines and users to enforce corporate information security policy and procedures, aid in identifying risk(s) and associated controls required for ongoing processes, as well as proposed projects.
- Provide regular updates to the executive leadership team and board of directors on the state of information security, including risks, incidents, and program performance.
- Prepare the annual report to the Board of Directors that addresses the results of the risk assessment process; risk management and control decisions; service provider arrangements; results of security monitoring and testing; security breaches or violations and management’s responses; and recommendations for changes to the information security program.
Vendor Management
- Conduct due diligence to evaluate vendors' security practices before onboarding.
- Assess risks associated with vendors’ access to data, systems, or services (e.g., data breaches, non-compliance with regulations).
- Verify that critical vendors meet SmartBank’s security policies and regulatory requirements.
Education
Position Requirements and Qualifications:
- Bachelor’s degree in Business, Information Technology, Computer Information Systems, Computer Science, or equivalent is required.
- Ten years of relevant work experience in information security and the financial services industry.
- Experience with Business Continuity Planning, Incident Response Planning, and Vendor Due Diligence.
Training Requirements (Licenses, Programs, Or Certificates)
- ISACA Certified Information Security Manager (CISM), ISC2 Certified Information Systems Security Professional (CISSP), or an equivalent certification required.
Knowledge, Skills, And Abilities
- Experience and knowledge of application and operational security systems, security audits, and vulnerability assessments.
- Ability to apply knowledge and sound judgment in decision-making using established guidelines.
- Knowledge of regulations and guidance as they pertain to privacy, information security, and risk management.
- Strong written and oral communication skills.
- Detail-oriented, with the ability to work independently or within a team environment as the job dictates.
- Ability to weigh business risks and enforce appropriate information security measures.
- High level of integrity and confidentiality.
- Ability to troubleshoot and resolve issues.
- Ability to multitask and handle various requests and tasks at a time.
Work Conditions
- Ability to stand for long periods of time as needed.
- Frequently and regularly required movements using wrists, hands, and/or fingers.
- Average, ordinary, visual acuity necessary to prepare and inspect documents or products and operate machinery.
- Must be able to work nights and weekends as needed for after-hours projects.
- May be required to travel to training sessions or meetings.
SmartBank Associate Benefits
SmartBank can offer you a comprehensive benefits package, including:
- Medical, dental, vision, life, and disability insurance.
- A 401(k) plan with an employer match of up to 4%.
- Generous paid time off (PTO), including a minimum of 3 weeks.
- SmartFlex Days.
- Up to 11 Paid Company Holidays.
- Mental health benefits, including 8 free sessions with a coach or certified professional.
- Paid community involvement opportunities.
- Company-provided apparel at no cost.
- Learning and development opportunities, including professional and career development and tuition reimbursement.
Are you ready to be a part of the SmartBank team and experience all these incredible benefits? We look forward to welcoming you to our exceptional team!