Support the implementation of the Bank’s Cyber and Information Security Governance Program including the Written Information Security Program (“WISP”):
Ensure processes and initiatives are in place to comply with the Program
Enhance / draft new, as needed, Bank Information Security policies, standards, controls, and procedures:
That are aligned to the WISP and U.S. regulatory requirements
Support changing threats and evolution of technology in use by the business and technology teams across the Bank
Perform regular assessments of the Program and update it to meeting changing requirements, changing risk landscape, changes in inherent risk, and other indicators
Track related issues to resolution
Provide regular reporting on the Program
Coordinate various contract engagements supporting the program
Performs other duties as assigned
Requirements
QUALIFICATIONS
GLBA and FFIEC CAT assessment and compliance experience or other related assessments at a financial institution
Program management and reporting experience
Cyber and Information Security knowledge and experience
Broad understanding of technology and security controls in a regulated environment
Requires 10+ years minimum prior relevant experience.
Bachelor's Degree or relevant experience in lieu
Strong working knowledge of U.S. cyber and information security legal and regulatory requirements and guidance applicable to financial institutions
Experience in writing Cyber and Information Security policies, standards and procedures