MUST SPEAK SPANISH - SALARY 130K
Duties and Responsibilities:
" Overall Responsibility for Information Security at the Branch
" Advising Senior Management and Risk Committee on Information Security Issues
" Conduct the information security risk assessment program. Handling of Information Security Incidents in collaboration with IT Dept.
" Developing and Maintaining Information Security standards and procedures.
" Oversees the access control program to ensure documentation pertaining to account creations, deletions and permissions are correctly maintained and approved.
" Perform reviews on all business application and servers.
" Perform reviews on all applications and systems users and their access privileges.
" Monitors and evaluates vulnerability information through reports and logs.
" Work closely with the System department and Compliance departments to ensure close cooperation and coordination between their respective activities relative to Information Security (Operational, Business and Development).
" Oversee Information Security Training Program.
" Acts as an independent observer to the branch's IT / Systems Business Continuity Plan (DR) and coordinates and retains all respective documentation for DR Tests.
" Oversee the access control program to ensure the security administrative processes performed by Systems Administrators relative to numerous applications and servers, including rights given or deleted for new, transferred and terminated employees.
" Work closely with the IT and business units to obtain rights and permissions documentation since the ISO does have direct access to the branch's servers, applications or infrastructure.
" Develop and maintain incident reporting and response procedure to address branch's security incident, respond to policy violations, or complains from external parties. Serve as an official contact point for information security, privacy, and copyright infringement incidents.
" Maintain knowledge by keeping up to date with latest security and privacy legislation, regulations, advisories, alters, and vulnerabilities.
Skills and Qualifications:
" Bachelor's degree in computer science, information systems, computer engineering, system analysis or related field of study, or equivalent experience
" Information Security & Technology professional with 7+ years' experience.
" Relevant industry-accepted security certifications ( CISSP, SANS, etc.) a plus.
" Strong knowledge of bank products, systems, services and policies and procedures
" Subject matter expertise in application security, vulnerability testing and development of risk appetite. Network Security (Firewalls, Routers, IDS etc), Operating System Security, etc
" Experience evaluating cyber security controls and providing guidance for platform or distributed computing platforms.
" Knowledge in Windows, Midrange and Mainframe Platforms with emphasis on security and access controls
" A hands-on, detail-oriented, individual contributor. Ability to work with senior management, including creating and making presentations for various committees.
" Excellent influencing and problem resolution skills
" Drives required risk culture and partnership with peer technology teams
" Ability to be comfortable delivering messages across a wide spectrum of individuals having varying degrees of technical understanding
" Strong leadership skills and qualities which enable you to work with peers and various levels of management