Information Security Business Liaison_

Middletown

Information Security Business Liaison

Middletown, CT 06457, USA Req #1561

Tuesday, June 18, 2024

At Liberty, we are proud to integrate our Diversity, Equity and Inclusion (DE&I) throughout all functions and areas of the Bank in order to maximize our impact and exceed goals. We believe that deepening our DE&I strategies in the workplace and communities we serve, creates a much better place to work for our teammates and a safe place where our customers are connected and supported. We take pride in promoting through initiatives and investment a socially responsible and sustainable future.

SUMMARY OF THE JOB:

The Information Security Business Liaison is a newly created position within the Bank's Operational Risk Management department, reporting to the Chief Information Security Officer (CISO). This position is within the Information Security function of the Bank, which provides a Second Line of Defense in the form of governance, risk management, compliance, and cybersecurity assurance activities.

ESSENTIAL FUNCTIONS:

This incumbent will be primarily responsible for managing the day-to-day information security project/non-project engagements. Additionally, the Information Security Business Liaison will support the Chief Information Security Officer in preparing reports communicating the Bank’s information security posture and status of the Information Security Program and related projects/initiatives.

The Information Security Business Liaison will also be expected to build effective relationships with all respective stakeholders (e.g., Business Line Management, Information Technology, System Security Group, Risk Management peers, Internal Audit, etc.), and participate in Committees, audits, and examinations.

PRINCIPAL ACCOUNTABILITIES:

+ Assess and prioritize information security and cybersecurity risk across the Bank;

+ Inform the proper stakeholders of important concerns and risks associated with projects;

+ Lead the involvement of Information Security in all projects across the Bank;

+ Provide ongoing support to the Bank’s Internal Audit function and External Auditors through the identification and delivery of requested artifacts;

+ Manage the portfolio of Information Security Internal Audit, self-identified and risk response action plans;

+ Ensure all new projects and third parties meet or integrate security requirements into their development/onboarding;

+ Collaborate with Information Security Analysts to identify existing security policies, standards, processes and procedures within the Bank and prioritize recommendations for alignment with requirements defined within the Information Security Program and related regulatory requirements;

+ Be proactive in seeking out areas for improvement and offer insightful advice and value-added guidance on process and control enhancements;

+ Assisting with determining and quantifying the organizational risk appetite or tolerance;

+ Monitor compliance against industry frameworks;

+ Contribute to the design, creation, and maintenance of risk-based metrics; and

+ Other duties as assigned.

MINIMUM REQUIREMENTS:

+ Bachelor’s degree in computer science, management information systems, or related discipline. Information Security certifications preferred (CISSP, CRISC, GSEC, CISM, CISA)

+ Minimum of 5-7 years’ experience working directly in an information security role. Working in technical roles preferred.

+ Experience analyzing information security risk, working with national and international regulatory compliance/control frameworks such as NIST and familiarity with FFIEC guidance.

+ Knowledge of common cybersecurity technologies and services. Direct experience a plus.

+ Strong organization and planning skills with the ability to manage multiple projects and/or initiatives while executing daily activities

+ An ability to cultivate and build collaborative, effective working relationships with a broad range of enterprise stakeholders

+ A well-developed understanding of and appreciation for business needs and a commitment to a service-oriented approach to delivering high quality deliverables and work-product

+ Strong decision-making capabilities, with a proven ability to weigh the relative risk and rewards of potential actions and identify the most appropriate one

+ The ability to effectively communicate complex and technical issues to diverse audiences, orally and in writing, and in a clear and concise manner

+ A working knowledge of the following areas: information security policy, information security management, information security assurance / continuous monitoring, information security risk assessment, incident response, and IT audit.

PHYSICAL REQUIREMENTS:

+ General Office Equipment

+ Keyboard Dexterity

+ Prolonged Sitting

COMPLIANCE

Acts affirmatively in all activities under his/her control in conformance with the Bank’s Affirmative Action, Equal Employment Opportunity, and Fair Lending Programs to achieve the Bank’s goals and objectives. The bank shall provide equal employment opportunity to all qualified persons, and continue to recruit, hire, train and evaluate persons in all jobs without regard to race, color, religion, sex, national origin or veteran status.

Liberty Bank is an Equal Opportunity employer. It is the policy of Liberty Bank to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.

#LI-Hybrid

Other details

+ Job Family Operational Risk Mgmt

+ Job Function Staff

+ Pay Type Salary

Apply Now

+ Middletown, CT 06457, USA