Information Security Officer (ISO) will be a part of the team responsible for implementing and maintaining NY DFS Part 500 Cybersecurity compliance strategy to secure information assets, services, and the processes that depend on them, building trust with clients and stakeholders, and protecting the non-public information of the Branch.
The ideal candidate is a driven team-player with experience working in a dynamic environment and the ability to wear multiple hats in the information security realm. Candidate should have a proven history of sound Cybersecurity governance including but not limited to policy/procedure design, cybersecurity metrics and reporting and information security program delivery in one or more security domains. The candidate should also have experience in IT risk management activities including control assessments, gap analysis, external or internal audit, IT risk management concepts and methodologies. Candidate should be able to leverage multiple
forms of communication to articulate complex security concepts with proficiency to technical contributors, Management and other affected stakeholders.
• Draft information security policies, procedures, management reports, dashboards, meeting minutes and detailed presentations for senior management and business leaders and clearly demonstrate an understanding of IT risks and findings.
• Perform activities to measure and monitor successful IT control implementation.
• Manage and deliver security enhancement projects.
• Knowledge of core banking systems including but not limited to Prime, Surety, MTS, and Fircosoft.
• Coordinate IT controls testing, risk assessments, maturity assessments, and evaluation of controls and measurements against policies, standards and processes.
• Experience dealing with both Internal Audits and Regulatory Exams.
• Some degree of proficiency with cybersecurity controls, including but not limited to SIEM Splunk, Symantec DLP, CyberArk, Qualys and others.
• Contribute to NY DFS Part 500 Cybersecurity Regulation-related deliverables.
Knowledge & Experience Requirements:
• Minimum 7 years’ experience in information security control assessments, audit, or compliance.
• Big 4 experience preferred or comparable experience.
• Bachelor’ s degree, preferably in Computer Science or a related field, or equivalent experience.
• CISSP, CISM, Security +, or other specialized information security certification(s) preferred.
• Ability to work both independently and cooperatively, but always a team player.
• Demonstrate expertise with MS Office applications (including SharePoint) and other related tools as required.
• Ability to multi-task to the max without omissions and mistakes.
• Strong research skills with a keen attention to details.
• Strong organizational, communication, both written and verbal communication skills and the ability to interact well with different levels within the organization.
• Understanding and/or experience working at FBO is preferred.