Address
Form of workInformation Security Officer
Harwood Heights, IL
Some Responsibilities/Tasks:
Job Qualifications:
Harwood Heights, IL
Some Responsibilities/Tasks:
- Monitor access to all systems and maintains access control profiles on computer network and systems. Track documentation of access authorizations to all resources.
- Install, modify, enhance and maintain data system security software.
- Work on determining acceptable risk levels for the enterprise and ensuring the IT environments are adequately protected from potential risks and threats.
- Participate in development and implementation of the appropriate and effective controls to mitigate identified threats and risks.
- Assist in the research, development, communication, maintaining and working with the operational units on the enforcement of IT security architecture, policies, procedures, solutions and standards.
- Oversee incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary
- Support improved data security awareness and education including on-call availability.
- Responsible for staying abreast of the latest industry security practices and technologies
- Meet with Senior Management to analyze, document and define requirements associated with new development or maintenance and enhancements to existing security roles and permissions. Review completed roles/permissions with users to ensure requirements are fully met.
- Deliver services that meet regulatory specifications. Work with internal and external auditors to document and confirm that all security administrative duties are properly performed as well as demonstrate overall compliance.
- Performs additional related duties as assigned by management.
Job Qualifications:
- A Bachelor's degree in computer science or related field
- Minimum 8+ years of progressive experience in information Security and banking industry
- Must have experience with business continuity planning, auditing, and risk management, as well as contract and vendor negotiation.
- In-depth knowledge and experience in the following Information Security areas:
- Information security assessment and auditing procedures, from both technical and business perspectives, and the use of formal methodologies such as NSA IAM
- Vulnerability scanning and auditing tools
- Enterprise-scale network and host-based IDS architectures
- E-commerce application security
- Computer investigation and forensics methods and technologies
- Strong Knowledge of regulatory bodies, and the regulations and guidance issued by these bodies, overseeing banks, credit unions, and financial services organizations, such as the FDIC, FinCEN, Client Board, Office of Thrift Supervision, and NCUA.
- Strong knowledge of privacy laws, such as GLBA, SB1386, SOX
