AMVETS Jobs

Reference #: 54ff3e8c-258c-4265-8dec-22ac7fd7d4be Description

The Chief Information Security Officer is responsible for creating, and overseeing the enterprise-wide vision, budget, strategy, architecture, policies, and programs to ensure information assets are protected. The successful incumbent will create and information privacy and security-conscious culture by developing and implementing information security initiatives. Will conduct and oversee the monitoring and auditing of compliance with regulatory and internal standards, including investigations related to policy violations, security breaches and computer crimes.

Essential Functions * Oversee the development, implementation, and maintenance of global security policy, enterprise security standards, guidelines and procedures; develops emergency procedures and incident response protocols; acts as the control point during significant privacy and security incidents * Create and oversee the enterprise-wide vision, strategy, budget architecture, policies, and programs to ensure assets are protected * Create an information privacy and security-conscious culture * Manage institution wide information security governance processes, developing and enforcing Northwest's security practice * Ability to provide leadership and expert information security updates to appropriate management and board level committees * Direct and manage the activities and personnel of the Information Security team * Establish annual and long-range security and compliance goals, defining security strategies, metrics, reporting mechanisms and program services; and maintain FFIEC Cybersecurity assessment model and a roadmap for continual program improvements * Leadership and working knowledge of FFIEC handbooks and experience driving regulator exam responses * Research information security issues and regulatory changes and communicate to management and the Board on a regular basis about those topics * Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position * Mentor the Information Security team and implement professional development plans for all members of the team * Create education and awareness programs and advising business units at all levels on security issues, best practices, and vulnerabilities * Serve as an expert advisor and working with the Board and Executive management in the development, implementation, and maintenance of a highly effective GLBA compliant Information Security Program * Pursue employee and customer security initiatives to address unique needs in protecting identity theft, mobile security and online reputation program * Lead the development and implementation of effective and reasonable policies, programs and practices to secure sensitive data and ensure information security and compliance with relevant legislation and legal interpretation * Lead efforts to internally assess, evaluate and make recommendations to management regarding the adequacy of the security controls for the Bank's information and technology systems * Ensure understanding and compliance with GLBA, Sarbanes Oxley, PII standards, FFIEC guidance and other related oversight requirements * Work with Internal Audit, State and Federal Regulators and outside consultants as appropriate on required security assessments and audits; and with auditors as appropriate to keep audit focus in scope and maintain ongoing excellent relationships with audit entities * Coordinate and track all security related audits including scope of audits, timelines, auditing parties and outcomes * Provide guidance, evaluation and advocacy on audit responses and remediation activities * Oversee first-line risk assessment efforts for GLBA, 23 NYCRR 500, Payment systems, FFIEC Authentication and Access * Monitor security incidents and acting as primary control point during significant information security incidents * Provide Information Securit leadership, and expertise as a member of the Business Response Team (BIRT) as needed, or requested, in addressing and investigating security incidences that arise * Provide security incident reports to appropriate management and board level committees * Provide audit response dashboard to appropriate management and board level committees * Develop , implement, and administer technical security standards, as well as a suite of security services and tools to address and mitigate security threats and vulnerabilities * Provide leadership, direction and guidance in assessing and evaluating information security risks and monitor compliance with security standards and appropriate policies including third ad fourth party risk * Examine impacts of new technologies on the Bank's overall information security * Establish processes to review implementation of new technologies, products, and services to ensure security compliance * Monitor emerging risks and implementing mitigations

Additional Essential Functions * Ensure compliance with Northwest's policies and procedures, and Federal/State regulations * Navigate Microsoft Office Software, computer applications, and software specific to the department in order to maximize technology tools and gain efficiency * Work as part of a team * Work with on-site equipment

Additional Responsibilities * Complete special projects as assigned

Safety and Health for Supervisors with Direct Reports * Provide leadership and positive direction for maintaining the safety and loss prevention program * Actively participate in and support employee participation in the safety and loss prevention program by ensuring that employees know how to properly report a safety issue, making sure that all accidents are promptly reported to Human Resources and documented, and ensuring that prompt action is taken whenever workplace hazards are identified * Help implement emergency procedures

QUALIFICATIONS To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions

Education Bachelor's Degree

Work Experience 6 - 8 years of experience or an equivalent combination of education and related work experience

Executive Knowledge, Skills, and Abilities * Ability to develop and implement an organizational vision which integrates key strategic goals, priorities, values, and other factors * Ability to balance change and continuity - to continually strive to improve customer service and program performance, to create a work environment that encourages creative thinking, and to maintain focus, intensity and persistence, even under adversity * Ability to design and implement strategies which maximize employee potential and foster high ethical standards in meeting the Northwest's vision, mission, and goals * Ability to make timely and effective decisions and produce results through strategic planning and the implementation and evaluation of programs and policies * Ability to acquire and administer human, financial, material, and information resources in a manner which instills public trust and accomplishes Northwest's mission, and to use new technology to enhance decision making * Ability to explain, advocate and express facts and ideas in a convincing manner, and negotiate with individuals and groups internally and externally * Ability to develop an expansive