A community bank in Marion Ohio is seeking a Security Officer to join their organization for a full time, hybrid onsite role.
Summary: Ensure the security of data as defined by GLBA section 501 (b) and FFIEC IT Handbook along with the development and maintenance of Disaster Recovery and Business Resumption Plan. Ensure bank Physical Security requirements are fulfilled. Also, oversight of facilities physical security systems management and maintenance. This is not a hands on IT Security role, rather we are looking for someone who has experience assessing and determining risk levels for the bank and collecting information to meet audit requirements.
Essential Duties and Responsibilities:
Develop and implement internal system controls so that system policies and procedures are enforcing system security.
Maintains the Information Security Program as defined by GLBA 501(b) and the FFIEC IT Handbook; including Policies, Procedures, Risk Assessments, Manage and Control Risks, Servicer Provider oversight, Program Adjustments, Board Reporting, and Program implementation.
Coordinates information technology and security audits (reviewed by Third Party to ensure required compliance is met as defined by GLBA Section 501 (b) and FFIEC IT Handbook) including an annual risk assessment, and that any needed changes receive proper follow-up to ensure system security protection and that findings are reported to the Audit Committee and Board of Directors.
Coordinates Regulatory IT exams, and ensures changes needed receive proper follow-up to ensure systems security, protection, and compliance. Including reporting to Audit Committee and Board of Directors.
Ensure user systems permissions are appropriate for individual job functions by reviewing according to the systems risk assessment ratings. Also accountable for daily, weekly, and monthly log / report reviews are completed and results reported to the Board of Directors.
Ensures that the bank is protected from disasters that are caused by internal and external threats through the development and annual testing of disaster Recovery and Business Resumption Plan, and to report the status of the plan to management and the Board of Directors.
Oversee the bank wide physical security compliance, including alarm systems, the security program, branch security, camera functionality, cash drawer audits and reporting to the Board of Directors.
Oversight of Vendor Management Program; including annual vendor reviews as defined by the FFIEC IT Handbook and assisting the Project Manager with contract review for policy compliance.
Member of the Risk Management Committee, Compliance Committee, Project Committee and Audit Committee.
Oversight of employee and board security training and policy acceptance.
Oversight of the bank IT Incident Response Program including the Incident Response policy, procedures, team, and playbook. As well as the Incident Response team leader.
Responsible for approval of invoices related to security (training site, enterprise risk site, etc)
Secondary Backup to oversight of Managed Service providers (MSP)
Supervisor to Facilities and Security Specialist
Participation in projects to ensure appropriate security level is maintained
We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
Human Resources Request Form. The EEOC "Know Your Rights" Poster is available
here.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
5+ years of experience auditing bank physical security, policies and procedures (familiarity with branch operations, and cash limits for monthly/annual audits)
2+ years of experience auditing against GLBA section 501 (b) and FFIEC IT Handbook requirements
Experience training employees on incident response best practices to maintain a strong security posture
Experience writing reports for the audit committee
Experience using M365 for risk audit
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.