The Director, Integrated Security, is responsible for developing, implementing, and maintaining a comprehensive information security program to protect the bank's data and systems, ensuring compliance with regulations and industry standards. Areas of oversight include Enterprise Security Governance, the Bank's policies and programs for Information Security, IT Risk Management, and Corporate Security.

What you'll do:

Develop and Maintain Security Programs:

• Create and maintain a comprehensive information security program, including policies, procedures, and standards.
• Ensure the program aligns with industry best practices and regulatory requirements.

Risk Assessment and Management:

• Conduct regular risk assessments to identify vulnerabilities and threats.
• Develop and implement risk mitigation strategies.

Compliance:

• Ensure compliance with relevant regulations, such as the Gramm-Leach-Bliley Act (GLBA) and the Financial Services Modernization Act (FSMA).
• Stay informed about emerging security threats and vulnerabilities.

Incident Response:

• Develop and maintain an incident response plan.
• Respond to and investigate security incidents.

Security Awareness and Training:

• Develop and deliver security awareness training to employees.
• Promote a culture of security within the organization.

Technology Security:

• Evaluate and recommend security technologies.
• Monitor and maintain security systems.

Collaboration:

• Collaborate with other departments, such as IT, audit, and legal, to ensure a holistic approach to security.
• Work with business leaders to understand their needs and ensure security measures are effective.

Reporting and Monitoring:

• Develop and maintain reports on security performance and compliance.
• Monitor security events and alerts.

Serves as Bank Protection Officer

Deliver an Annual Security Report to the Board

Advise on security awareness and training curriculum

Champion security and resilience initiatives across the enterprise

Other duties as assigned

What you'll need to be successful:

Success in this job relies on your time management skills, organization, and positive attitude. In addition, you'll need the following qualifications:

• Minimum of 10 years of experience administering Information Security and Physical Security programs within the Financial Sector
• Minimum of 5 years Mid to Large Bank security experience
• Bachelor's Degree preferred
• Expert knowledge of risk management practices and regulatory expectations.
• Strong analytical reasoning, problem solving and critical thinking skills
• Strong computer and organizational skills
• Strong oral and written presentation skills
• Ability to work independently with a multi-level team
• Ability to multi-task and meet deadlines
• Strong proficiency with Microsoft Office (Word, Excel, Outlook, etc.);

Preferred Certifications:

• Current Certified Information Systems Security Professional (CISSP)
• Current Certified in Risk and Information Systems Control (CRISC)
• ASIS Certified Protection Professional (CPP) or Physical Security Professional (PSP) preferred

What we offer:

Because we recognize and reward hard work, we offer a competitive salary, a full benefits package, and the potential for a performance-based bonus.

What to do next: If Cornerstone sounds like the place for you (and if you have the qualifications, drive, and passion to match), we invite you to become a member of our winning team! And remember, once you're part of our Cornerstone family, we'll continue to invest in you as a valuable asset in our company. As many of our team members can tell you, there's something special about working at Cornerstone.