Information Security Officer - VP in Hamden, CT at Vaco

Date Posted: 6/11/2019

Job Description

Information Security Officer
Client Industry: Banking
Location: Hamden, CT
Full Time, Direct Hire role

The Information Security Officer is responsible for the development, coordination, and validation of the Bank's Information Security Program. The position will lead all internal cybersecurity Governance, Risk, and Compliance efforts in support of the Bank's mission, strategy, and regulatory requirements. Responsibilities include, but are not limited to, the following:

  • Overseeing and developing the Bank's information security strategy, security architecture, and design to ensure the confidentiality, integrity, and availability of the company data and information systems
  • Providing technical and engineering leadership/mentoring for deployed security monitoring platforms and security operations
  • Daily monitoring and reviewing of all potential security incidents, cyber threats, and malware events
  • Managing the defined Security Incident Escalation process
  • Developing, reviewing, updating, and maintaining the Bank's Information Security Policies and Procedures
  • Managing the information security standards to comply with regulatory requirements
  • Leading the cybersecurity Threat and Vulnerability Management programs
  • Reviewing reports for security events and incidents, and preparing executive-level summaries for the CIO
  • Performing formal reviews of systems and network access reports on a regular basis
  • Managing and coordinating all external/third party Pen Testing engagements and IT Security audits
  • Performing and overseeing recurring systems and network risk assessments to mitigate risks to production systems, applications, and networks
  • Managing, coordinating, executing, and validating the Bank's Business Continuity Plan (BCP)
  • Reviewing and validating the IT Patch Management processes
  • Leading internal and external security review efforts, in support of the Bank's Risk Management program
  • Overseeing the evaluation, assessment, and testing of new security solutions, in support of the Bank's regulatory requirements and formal policies
  • Documenting internal processes and procedures related to duties and responsibilities
  • Partnering closely with internal Security, Systems, and End User/Application Support teams to enhance the Bank's cybersecurity posture

Qualifications & Skills:

  • Previous technical experience as an IT Security Analyst and IT Security Manager in a complex multi-site environment
  • Solid understanding of industry-standard Network and Systems Infrastructure design
  • Strong working knowledge of Network and Systems Security Best Practices as well as Network Security Monitoring
  • Strong working knowledge of Pen Testing tools and applications (Open Source and Commercial)
  • Prior experience with threat/vulnerability analysis and management
  • Experience developing, coordinating, and testing Disaster Recovery and Business Continuity Plans
  • Proven experience with security issue/incident investigations and incident response handling, including the proactive review and reporting of logs and system events
  • Experience with Event Detection and Correlation tools (SIEM)
  • Thrives in a high-pressure environment and has the ability to work with tight deadlines
  • 6-9 years of progressive IT Security Management experience required, 10-15+ years preferred
  • IT Security experience in the Financial Services or Banking Industry strongly desired
  • FFIEC, GLBA, and auditing experience desired
  • Professional IT Certifications desired: CISM, CISSP, CRISC, GSLC, CCISO, CGEIT, ITIL