Information Security Officer
Dallas, TX, United States
A banking client of ours, headquartered in Kansas, is hiring a new Information Security Officer. This is a full-time onsite role based in Wichita. Relocation is possible, but this is NOT A REMOTE ROLE.
The Information Security Officer is a critical member of the organization responsible for safeguarding the company's information systems, data, and infrastructure from potential security threats. The ISO plays a crucial role in developing and implementing the organization's information security strategy, policies, and procedures to ensure the confidentiality, integrity, and availability of sensitive information.
Responsibilities:
Develop, implement and monitor a strategic, comprehensive enterprise security program to ensure the integrity, confidentiality and availability of data.
Document and maintain a risk assessment framework covering information security, data governance and business continuity.
Develop and maintain an in-depth understanding of business unit processes, systems, technologies, data, customers, consumers and partners.
Build relationships with business units to deliver security-by-design controls incorporated into projects, architecture, infrastructure and applications.
Act as a liaison to ensure cybersecurity practices are built into business unit initiatives for the entire lifecycle.
Work closely with senior leadership to instill cybersecurity policies and practices throughout business units to address security operations, incident response, application security and infrastructure.
Be actively informed and engaged in security projects across the business.
Maintain up-to-date knowledge related to security threats, vulnerabilities and mitigations set forth to reduce the attack surface; circulate this knowledge through the business units.
Provide regular and consistent reporting on the current status of the information security program to enterprise risk teams and senior business leaders.
Partner with Enterprise Risk Management to define standards and processes and provide subject matter expertise to oversee vendor information security risk.
Requirements:
Bachelor’s degree; Master’s (highly preferred)
Must have security certification: CISM or CISSP
8+ years’ worth of cybersecurity experience
3+ years in financial services industry (highly preferred)
Bachelor's degree in computer science or information systems or equivalent experience.
Working knowledge of privacy and data protection laws, regulations and best practices including GLBA, GRC tools, data breach handling and industry standards/frameworks (NIST, COBIT, FFIEC)
Experience developing a comprehensive security program, including risk assessment framework
For more information and to apply, get in touch directly: [email protected]