- Provides subject matter expertise for a key security capability.
- Monitors and assesses technology needs against security concerns and recommends necessary changes to enhance information systems security .
- Assesses security posture at the enterprise level for potential vulnerabilities and threats. Provides recommendations to resolve potential findings and increase security capabilities for enterprise systems.
- Provide a risk based approach and guidance to line of business service partners to improve key security controls.
- Provides enterprise or line of business consolidated risk based reporting and metrics based on potential vulnerabilities and threats.
Manages Risk - Working Experience
- Assesses and effectively manages all of the risks associated with their business objectives and activities to ensure activities are in alignment with the bank's and unit's risk appetite and risk management framework.
Customer Focus - Extensive Experience
- Knowledge of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions, and ability to leverage that information in creating customized customer solutions.
Job Specific Competencies
INFORMATION SECURITY MANAGEMENT - Working Experience
- Knowledge of and the ability to manage the processes, tools, techniques and practices for assuring adherence to standards associated with accessing, altering and protecting organizational data.
IT Standards, Procedures & Policies - Extensive Experience
- Knowledge of and the ability to utilize a variety of administrative skill sets and technical knowledge to manage organizational IT policies, standards, and procedures.
IT ENVIRONMENT - Extensive Experience
- Knowledge of an organization's IT purposes, activities and standards; ability to create an effective IT environment for business operations.
Problem Solving - Extensive Experience
- Knowledge of approaches, tools, techniques for recognizing, anticipating, and resolving organizational, operational or process problems; ability to apply this knowledge appropriately to diverse situations.
Effective Communications - Extensive Experience
- Understanding of effective communication concepts, tools and techniques; ability to effectively transmit, receive, and accurately interpret ideas, information, and needs through the application of appropriate communication behaviors.
Analytical Thinking - Extensive Experience
- Knowledge of techniques and tools that promote effective analysis and the ability to determine the root cause of organizational problems and create alternative solutions that resolve the problems in the best interest of the business.
Knowledge of Organization - Extensive Experience
- Knowledge of the organization's vision, structure, culture, philosophy, operating principles, values, and code of ethics; ability to apply this understanding appropriately to diverse situations.
Information Security Technologies - Extensive Experience
- Knowledge of technologies and technology-based solutions dealing with information security issues.
CISA, CISSP, and CISM preferred.
RequiredEducation and Experience
Roles at this level typically require a university / college degree. Higher level education such as a Masters degree, PhD, or certifications is desirable. Industry relevant experience is typically 8+ years. Specific certifications are often required. In lieu of a degree, a comparable combination of education and experience (including military service) may be considered.