APPLICANT MUST BE LOCATED WITHIN 50 MILES OF BRANCH LOCATION. HYBRID/REMOTE MAY BE CONSIDERED FOR THIS POSITION, WITHIN CERTAIN MILEAGE OF BRANCH LOCATION. SUMMARY The Information Security Specialist shares responsibility for the protection of critical information and assets of the organization by integrating information and cyber security best practices and risk management. This specialist assists with bank-wide information security risk management, participating as directed in various department processes. With an exceptional attention to detail, a strategic mindset, and the ability to stay organized in a fast-paced environment, the Information Security Specialist helps to improve monitoring and situational awareness. Collaborating across the company, this specialist supports the alignment of cybersecurity efforts with organizational strategic plans. All employees are expected to protect the information and assets of the organization through heightened awareness of information security, cybersecurity, and risk management best practices, as well as complying with all applicable laws, regulations, and organizational policies. ESSENTIAL DUTIES
- Assist with the bank-wide information security risk management program and alignment with information security frameworks.
- Contribute to Vendor Management Program due diligence, review, and reporting requirements.
- Aid in the creation, maintenance, and delivery of information security, cybersecurity awareness, and social engineering training programs.
- Maintain current knowledge of information security best practices and cybersecurity threats to support information security program requirements and minimize risks to the organization.
- Assist with evaluation, testing, and assessment of technology use to ensure alignment with information security program requirements and objectives.
- Assist with preparation of reports for Management, Board of Directors, and auditors in support of the information security program.
- Assist with preparation, file management, and associated documentation for the Information Security Committee.
- Participate in projects to provide information security advisement.
- Participate in and perform access and system reviews in support of Information Security Program oversight requirements.
- Gather evidence for and assist in the completion of information security and compliance framework assessments.
- Assist with monitoring vulnerability scanning and other information security governance activities.
- Assist with monitoring of Information Security Program to ensure policies, programs, and cybersecurity controls align with Information Security Program requirements.
- Assist with Incident Response and Business Continuation testing, analysis, and recovery.
- Assume responsibility for additional projects as assigned.
EDUCATION & CERTIFICATIONS
- Bachelor's degree or technical certification in relevant field or commensurate combination of education and experience required.
MINIMUM REQUIREMENTS
- Working knowledge of core enterprise applications and interworking of various data processing functions and inherent risks.
- Exceptional attention to detail with the ability to remain organized and produce accurate, efficient work in a fast-paced environment.
- Strong critical-thinking skills and the ability to analyze potential project outcomes with the adaptability to redirect attention as needed to meet targets and deadlines.
- Ability to complete standard calculations and apply basic mathematical concepts in practical situations.
- Excellent communication skills and the ability to communicate effectively, verbally and in writing, with internal and external customers at all levels.
- A positive and proactive approach to work, demonstrating enthusiasm, adaptability, and the ability to maintain composure and professionalism in stressful or adverse conditions.
- Proficient computer literacy, including comfort with Microsoft systems and Office Suite.
- Intermediate typing skills to meet the needs of this position.
- Current driver's license and reliable transportation with appropriate insurance coverage; additionally, the ability to drive occasionally in the course of performing assigned duties and responsibilities.
- The ability to work with minimal or no supervision.
ADDITIONAL QUALIFICATIONS
- Advanced, specialized training in cyber security, IT infrastructure, or a related field strongly preferred.
- Demonstrable understanding of banking operations preferred.
PHYSICAL DEMANDS AND WORK ENVIRONMENT The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform the functions. While performing the duties of this position, the employee is regularly required to talk or hear. The employee frequently is required to use hands or fingers; handle or feel objects, tools, or controls. The employee is occasionally required to stand; walk; sit; and reach with hands and arms. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this position include close vision, distance vision, and the ability to adjust focus. The noise level in the work environment is usually low to moderate. NOTE This job description in no way states or implies that these are the only duties to be performed by the employee(s) incumbent in this position. Employees will be required to follow any other job-related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments. All duties and responsibilities are essential functions and requirements and are subject to possible modification to reasonably accommodate individuals with disabilities. To perform this job successfully, the incumbents will possess the skills, aptitudes, and abilities to perform each duty proficiently. Some requirements may exclude individuals who pose a direct threat or significant risk to the health or safety of themselves or others. The requirements listed in this document are the minimum levels of knowledge, skills, or abilities. This document does not create an employment contract, implied or otherwise, other than an at will relationship. The company is an Equal Opportunity Employer, drug-free workplace, and complies with ADA regulations and other laws/regulations as applicable.