A community bank in Marion Ohio is seeking a Security Officer to join their organization for a full time, hybrid onsite role. The Security Officer will ensure the security of data as defined by GLBA section 501 (b) and FFIEC IT Handbook along with the development and maintenance of Disaster Recovery and Business Resumption Plan. Ensure bank cyber and network security is in place to protect their customer data. Collaborate with third parties to uphold physical security requirements (badge system, alarm, cameras, etc.).
Develop and implement internal system controls so that system policies and procedures are enforcing system security.
Ensure that associates are knowledgeable of system software (including usage of the systems) and adhere to information technology policies for system security protection.
Maintains the Information Security Program as defined by GLBA 501(b) and the FFLEC IT Handbook; including Policies, Procedures, Risk Assessments, Manage and Control Risks, Servicer Provider oversight, Program Adjustments, Board Reporting, and Program implementation.
Coordinates information technology and security audits (reviewed by Third Party to ensure required compliance is met as defined by GLBA Section 501 (b) and FFLRC IT Handbook) including an annual risk assessment, and that any needed changes receive proper follow-up to ensure system security protection and that findings are reported to the Audit Committee and Board of Directors.
Coordinates Regulatory IT exams, and ensures changes needed receive proper follow-up to ensure systems security, protection, and compliance. Including reporting to Audit Committee and Board of Directors.
Ensure user systems permissions are appropriate for individual job functions by reviewing according to the systems risk assessment ratings. Also accountable for daily, weekly, and monthly log / report reviews are completed and results reported to the Board of Directors.
Maintain enhancement of technology systems to satisfy compliance requirements and bank computer efficiency needs to support the banks strategic business goals, including the development of the annual information technology strategic plan and budget to ensure proper business planning and financial control.
Ensures that the bank is protected from disasters that are caused by internal and external threats through the development and annual testing of disaster Recovery and Business Resumption Plan, and to report the status of the plan to management and the Board of Directors.
Oversee the bank wide physical security compliance, including alarm systems, the security program, branch security, camera functionality, cash drawer audits and reporting to the Board of Directors.
Oversight of Vendor Management Program; including annual vendor reviews as defined by the FFIEC IT Handbook and assisting the Project Manager with contract review for policy compliance.
Oversight of the bank Cybersecurity; including, protection, identification, assessments and controls.
Co-Leader of the Information Technology Steering Committee.
Member of the Risk Management Committee, Compliance Committee, Project Committee and Audit Committee.
Oversight of employee and board security training and policy acceptance.
Oversight of the bank IT Incident Response Program including the Incident Response policy, procedures, team, and playbook. As well as the Incident Response team leader.
Responsible for approval of invoices related to security (training site, enterprise risk site, etc.)
Secondary Backup to oversight of Managed Service providers (MSP)
Supervisor to Facilities and Security Specialist
Participation in projects to ensure appropriate security level is maintained
We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
Human Resources Request Form. The EEOC "Know Your Rights" Poster is available
here.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
5+ years of experience with networking firewalls and cyber security
2+ years of experience auditing bank security, policies and procedures
2+ years of experience auditing against GLBA section 501 (b) and FFIEC IT Handbook, NIST-CSF or other similar security policy requirements
Experience training employees on incident response best practices to maintain a strong security posture
Experience writing reports for the audit committee
Excellent communication and capability of relaying risks to non-technical leadership
Understanding of Loan/deposit regulations
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.