Address
Form of workPurpose
Primary duties entail supporting multiple operational and administrative functions under the direct supervision of the Chief Information Security Officer (CISO). Under direct supervision, the Information Security Generalist helps with system and network analysis, assists in conducting research, monitoring systems, and working on access control and reviews. Secondary duties entail assisting the CISO in writing / developing information security training for employees and maintaining Information Security policies and standard operating procedures. Assist in providing oversight of the day-to-day information protection activities within the company.
Key Result Areas
• Assist in developing, reviewing, and implementation of all information security policies, standards, and procedures.
• Ensure adequacy for data security activities such as documentation, classification, regulatory compliance, and the implementation of data security controls.
• Assist the CISO with complex IT Security projects to include project planning, execution, timing, functionality, quality, and cost.
• Perform ongoing risk and vulnerability analysis as a means of generating useful metrics for measuring the effectiveness of the Information Security Program.
• Responsible for reviewing access controls and monitoring of security reports.
Supervised By
FVP-Chief Information Security Officer
Supervises
No one
Essential Functions - may include, but are not limited to:
• Ensure company service standards are continually achieved in areas of responsibility
• Participate with all lines of business in the development and implementation of a comprehensive information security compliance program including information security training and testing.
• Monitor system log files for exception processing and reporting to management.
• Ensure adequacy for data security activities such as documentation, classification, regulatory compliance (GLBA, HIPAA), and the implementation of data security controls. This position establishes accountability for data security and consistent application of data security controls, resulting in reduced risks to customer and corporate data.
• Assist in the review and implementation of all information security policies, standards, and procedures.
• Assist the CISO with planning and direction of information security reviews.
• Provide regular status updates and prepares presentations as requested.
Compliance
• Knowledge of Bank policies and procedures, State and Federal laws and regulations
• Responsible for compliance regulations related to this position and receiving appropriate training including but not limited to:
Annually
Ø Bank Secrecy Act (BSA)
Ø Office of Foreign Assets Control (OFAC)
Ø USA Patriot Act
Ø Reg. BB - Community Reinvestment Act (CRA)
Ø All other applicable compliance regulations are identified by subject matter experts and are listed in the master compliance training spreadsheet.
Other Functions
• Insight Administrator
• Entre user access administration
• Maintain thorough working knowledge of all personal computer system capabilities and documentation.
• Perform other duties as requested.
*The above is a description of the ordinary duties of the position. It should be expected that from time to time other duties, both related and unrelated to the above, may be assigned and, therefore, required.
Education and Experience
• Experience in security aspects of multiple platforms, operating systems, and software, communications and network protocols.
• Strong interpersonal skills including verbal, written, and technical communication. Must be able to discuss complex security issues at all levels of management.
• Banking or Financial Services experience in understanding regulatory and fiduciary responsibilities as well as security, recovery and control issues affecting customer financial transactions required.
• Thorough working knowledge of multiple technology platforms.
• Experience with current approaches to information security as well as traditional access control and auditing techniques is needed to properly advise management and business lines in the selection of security hardware and software; especially, in the areas where emerging technology is being used to support business objectives.
• Ability to prioritize multiple tasks and to collaborate on cross functional projects.
• Self-motivated with the ability to work independently or as a leader in a team environment.
Equipment and Software
Ability to operate teller terminal, personal computer, alarm system, fax, telephone, copier, various printers, proficient in Word and Excel, currently used Bank hardware and software.
Physical Qualifications
• Frequently work or visit one or more buildings of the Bank, and requiring movement outside of the Bank buildings
• Ability to sit or stand in an erect position and able to extend ones arm(s) in any direction.
• Ability to lift up to 20 pounds occasionally and/or a negligible amount of lifting frequently or constantly to move objects
Other Qualifications
• Knowledge of Bank policies and procedures, State and Federal regulations
• Ability to add, subtract, multiply, and divide all units of measure; to perform the four operations with common decimals and fractions; to perform arithmetic operations involving all American monetary units
• Ability to perform under stress when confronted with emergency, critical, or unusual situations
• Ability to perform a variety of duties, often changing from one task to another of a different nature without loss of efficiency or composure
• Ability to exchange information with others clearly and concisely; to present ideas, facts, and technical information
• Ability to maintain relationships that facilitate task accomplishment; to cooperate and
• Resolve conflicts; to recognize needs and be sensitive to others
• Ability to receive guidance and supervision; follow work rules, work procedures; meet deadlines, punctuality and attendance standards, etc.
• Ability to systematically identify and define problems, evaluate alternatives, and implement cost effective solutions
• Ability to identify task requirements and monitor progress toward accomplishment
Consider this description the foundation of your job, not its boundaries. Expect to participate in training sessions and activities not described here which enhance the quality of service to the customer.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)
Primary duties entail supporting multiple operational and administrative functions under the direct supervision of the Chief Information Security Officer (CISO). Under direct supervision, the Information Security Generalist helps with system and network analysis, assists in conducting research, monitoring systems, and working on access control and reviews. Secondary duties entail assisting the CISO in writing / developing information security training for employees and maintaining Information Security policies and standard operating procedures. Assist in providing oversight of the day-to-day information protection activities within the company.
Key Result Areas
• Assist in developing, reviewing, and implementation of all information security policies, standards, and procedures.
• Ensure adequacy for data security activities such as documentation, classification, regulatory compliance, and the implementation of data security controls.
• Assist the CISO with complex IT Security projects to include project planning, execution, timing, functionality, quality, and cost.
• Perform ongoing risk and vulnerability analysis as a means of generating useful metrics for measuring the effectiveness of the Information Security Program.
• Responsible for reviewing access controls and monitoring of security reports.
Supervised By
FVP-Chief Information Security Officer
Supervises
No one
Essential Functions - may include, but are not limited to:
• Ensure company service standards are continually achieved in areas of responsibility
• Participate with all lines of business in the development and implementation of a comprehensive information security compliance program including information security training and testing.
• Monitor system log files for exception processing and reporting to management.
• Ensure adequacy for data security activities such as documentation, classification, regulatory compliance (GLBA, HIPAA), and the implementation of data security controls. This position establishes accountability for data security and consistent application of data security controls, resulting in reduced risks to customer and corporate data.
• Assist in the review and implementation of all information security policies, standards, and procedures.
• Assist the CISO with planning and direction of information security reviews.
• Provide regular status updates and prepares presentations as requested.
Compliance
• Knowledge of Bank policies and procedures, State and Federal laws and regulations
• Responsible for compliance regulations related to this position and receiving appropriate training including but not limited to:
Annually
Ø Bank Secrecy Act (BSA)
Ø Office of Foreign Assets Control (OFAC)
Ø USA Patriot Act
Ø Reg. BB - Community Reinvestment Act (CRA)
Ø All other applicable compliance regulations are identified by subject matter experts and are listed in the master compliance training spreadsheet.
Other Functions
• Insight Administrator
• Entre user access administration
• Maintain thorough working knowledge of all personal computer system capabilities and documentation.
• Perform other duties as requested.
*The above is a description of the ordinary duties of the position. It should be expected that from time to time other duties, both related and unrelated to the above, may be assigned and, therefore, required.
Education and Experience
• Experience in security aspects of multiple platforms, operating systems, and software, communications and network protocols.
• Strong interpersonal skills including verbal, written, and technical communication. Must be able to discuss complex security issues at all levels of management.
• Banking or Financial Services experience in understanding regulatory and fiduciary responsibilities as well as security, recovery and control issues affecting customer financial transactions required.
• Thorough working knowledge of multiple technology platforms.
• Experience with current approaches to information security as well as traditional access control and auditing techniques is needed to properly advise management and business lines in the selection of security hardware and software; especially, in the areas where emerging technology is being used to support business objectives.
• Ability to prioritize multiple tasks and to collaborate on cross functional projects.
• Self-motivated with the ability to work independently or as a leader in a team environment.
Equipment and Software
Ability to operate teller terminal, personal computer, alarm system, fax, telephone, copier, various printers, proficient in Word and Excel, currently used Bank hardware and software.
Physical Qualifications
• Frequently work or visit one or more buildings of the Bank, and requiring movement outside of the Bank buildings
• Ability to sit or stand in an erect position and able to extend ones arm(s) in any direction.
• Ability to lift up to 20 pounds occasionally and/or a negligible amount of lifting frequently or constantly to move objects
Other Qualifications
• Knowledge of Bank policies and procedures, State and Federal regulations
• Ability to add, subtract, multiply, and divide all units of measure; to perform the four operations with common decimals and fractions; to perform arithmetic operations involving all American monetary units
• Ability to perform under stress when confronted with emergency, critical, or unusual situations
• Ability to perform a variety of duties, often changing from one task to another of a different nature without loss of efficiency or composure
• Ability to exchange information with others clearly and concisely; to present ideas, facts, and technical information
• Ability to maintain relationships that facilitate task accomplishment; to cooperate and
• Resolve conflicts; to recognize needs and be sensitive to others
• Ability to receive guidance and supervision; follow work rules, work procedures; meet deadlines, punctuality and attendance standards, etc.
• Ability to systematically identify and define problems, evaluate alternatives, and implement cost effective solutions
• Ability to identify task requirements and monitor progress toward accomplishment
Consider this description the foundation of your job, not its boundaries. Expect to participate in training sessions and activities not described here which enhance the quality of service to the customer.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)
