Information Security Officer
New York, NY (Midtown)
To 130K base / 150K-160K package
International Public Bank - for over 100 years has provided wholesale and retail banking, commercial, and mortgage loans, and financial and international business services. The company offers its products to individuals and companies of all sizes.
Duties and Responsibilities:
* Overall Responsibility for Information Security at the Branch
* Advising Senior Management and Risk Committee on Information Security Issues
* Conduct the information security risk assessment program. Handling of Information Security Incidents in collaboration with IT Dept.
* Developing and Maintaining Information Security standards and procedures.
* Oversees the access control program to ensure documentation pertaining to account creations, deletions and permissions are correctly maintained and approved.
* Perform reviews on all business application and servers.
* Perform reviews on all applications and systems users and their access privileges.
* Monitors and evaluates vulnerability information through reports and logs.
* Work closely with the System department and Compliance departments to ensure close cooperation and coordination
between their respective activities relative to Information Security (Operational, Business and Development).
* Oversee Information Security Training Program.
* Acts as an independent observer to the branch's IT / Systems Business Continuity Plan (DR) and coordinates and retains
all respective documentation for DR Tests.
* Oversee the access control program to ensure the security administrative processes performed by Systems
Administrators relative to numerous applications and servers, including rights given or deleted for new, transferred and
* Work closely with the IT and business units to obtain rights and permissions documentation since the ISO does have
direct access to the branch's servers, applications or infrastructure.
* Develop and maintain incident reporting and response procedure to address branch's security incident, respond to policy
violations, or complains from external parties. Serve as an official contact point for information security, privacy, and
copyright infringement incidents.
* Maintain knowledge by keeping up to date with latest security and privacy legislation, regulations, advisories, alters, and
Skills and Qualifications:
3+ years in the banking industry
* Bachelor's degree in computer science, information systems, computer engineering, system analysis or related field of
study, or equivalent experience
* Information Security & Technology professional with 7+ years' experience.
* Relevant industry-accepted security certifications ( CISSP, SANS, etc.) a plus.
* Strong knowledge of bank products, systems, services and policies and procedures
* Subject matter expertise in application security, vulnerability testing and development of risk appetite. Network Security
(Firewalls, Routers, IDS etc), Operating System Security, etc
* Experience evaluating cyber security controls and providing guidance for platform or distributed computing platforms.
* Knowledge in Windows, Midrange and Mainframe Platforms with emphasis on security and access controls
* A hands-on, detail-oriented, individual contributor. Ability to work with senior management, including creating and making
presentations for various committees.
* Excellent influencing and problem resolution skills
* Drives required risk culture and partnership with peer technology teams
* Ability to be comfortable delivering messages across a wide spectrum of individuals having varying degrees of technical
* Strong leadership skills and qualities which enable you to work with peers and various levels of management