Information Security Manager - Banking Industry
GENERAL SUMMARY
Manages the technical and operational duties of staff engaged in network systems security, design, support and operations. Performing related duties as required.
PRINCIPAL DUTIES AND RESPONSIBILITIES
Formulates, develops, implements and administrates integrated security system architectures for company automated and non-automated information systems. Provides planning, leadership, direction, and technical expertise regarding information systems security services; serves as high level technical expert in regards to the security of all company information systems and associated issues. Ensures that the company is in compliance with all applicable laws and regulations regarding information security. Maintains a broad knowledge of current and emerging state-of-the-art information system security technologies, architectures, and products. Performs miscellaneous job related duties as required.
Job Requirements
Bachelor’s degree and/or at least 6 years of experience that is directly related to the duties and responsibilities as described above.
Information Security or technology related certifications are preferred (CISSP, GIAC, CCNA, CCSP, CCNP, MCSE, Security+, Network+)
Must be able to work nonstandard hours, nights, weekends and/or holidays when needed
Must be able to travel between regional area sites as requested
Must be able to lift up to 50lbs
Knowledge, Skills, and Abilities RequiredStrong interpersonal and communication skills and the ability to work effectively with a wide range of constituencies in a diverse community. Advanced understanding of IP addressing, routing, IP Subnetting, and LAN/WAN internetworking technologies: EIGRP,OSPF, RIP, QOS, BGP4Cisco Network Infrastructure including VoIP, Nokia Firewalls, Checkpoint VPN, iSCSI, Storage Area Networks, Windows 2000/XP/2003, Active Directory, ePolicy Orchestrator, Patchlink and McAfee Anti-Virus Suite.Advanced knowledge and understanding of a range of information systems software and hardware and related technologies. Ability to analyze and assess information systems architecture requirements and determine optimum, secure, cost-effective solutions. Ability to communicate technical information to non-technical personnel. Information systems planning skills. Knowledge of information systems infrastructure requirements and standards. Knowledge of current technological developments/trends in area of expertise. Advanced knowledge of information security systems, applications, procedures, and techniques. Ability to plan, develops, and coordinates multiple projects. Knowledge of contract documents and specifications. Ability to develop and present educational programs and/or workshops.
PRINCIPAL DUTIES AND RESPONSIBILITIES
1. Serve as Information Security Officer. Works with business unit management to ensure that confidential information is secure from unauthorized access, protected from inappropriate alternation, and available to authorized users in a timely fashion.
2. Oversee the Bank’s Information Security Program including, but not limited to, vendor management, incident response, and security awareness.
3. Serve as central analyst responsible for enterprise-wide monitoring of logical security.
4. Participate in planning for future hardware and software to assure proper information security controls are incorporated to the support future business needs.
5. Perform system risk assessments, information security analysis, and security audits.
6. Develop methods and techniques to evaluate the effectiveness of information security stems and establish methods to perform risk assessment of these information systems.
7. Develop strategies and plans to provide timely business resumption of information systems in the event of a serious disruption.
8. Analyze and monitor the security and integrity of local area network (LAN) and wide area network (WAN) infrastructures, including, but not limited to connectivity and access controls, firewall and intrusion prevention systems.
9. Monitor resources to ensure that appropriate system updates and patches are implemented in a timely manner.
10. Monitor security integrity, and performance of information technology processes and services. Review system and user maintenance reports, logs, and change forms. Recommend changes, enhancements, and control modification to the Chief Information Officer and other applicable management.
11. Monitor design and growth of LAN/WAN infrastructure, connectivity, and security.
12. Serve as a liaison for the Information Technology department during Information Technology audits and regulatory examinations.
13. Maintain a current working knowledge of industry standards, security and privacy guidelines, and updates related to information technology and information security in the financial sector.
14. Maintain a proficient knowledge of software applications in use by the Bank and access control parameters in order to determine whether appropriate security and access controls are implemented and maintained.
15. Prepare monitoring reports for Chief Information Officer and Information Technology Steering Committee regarding the security and performance of the Bank’s LAN/WAN infrastructure, PC-based and core based systems.
16. Monitor internal, external, and regulatory examinations. Ensure that recommendations are traced and reviewed and appropriate changes are implemented in a timely manner. Provide status reports to the Chief Information Officer and Information Technology Committee as required.
17. Analyze and monitor remote access, Internet access, intrusion prevention systems, and firewalls.
18. Oversee the annual penetration tests of the Bank’s systems and applications.
19. Lead and execute assignments in accordance with established security programs and project plans, ensuring consistent quality in communication, execution, and delivery of objectives.
20. Document work in accordance with departmental work paper formats.
Please include your salary history and requirement along with your resume for immediate consideration.
|
Banking 