GENERAL SUMMARY: Responsible for the Client’s information security and assurance program activities in order to ensure a comprehensive approach to the management of information security risk in all facets of the enterprise.
DUTIES AND RESPONSIBILITIES:
- Oversee and coordinate security efforts across the organization, including departments such as information technology, human resources, marketing, lending, member services, compliance, finance management and other groups, and identify and establish information security assurance initiatives and standards throughout the organization.
- Assist in establishing and implementing effective security management and risk mitigation programs aligned with the organization’s risk management objectives.
- Collaborate with information security and cybersecurity counterparts in providing functional leadership and expertise to manage the security program and ensure consistent, effective implementation of best practices, policy, and procedures.
- Strong knowledge of security standards required (e.g. NIST, ISO/IEC 27000, PCI DSS, COBIT, ITIL, etc.).
- Knowledge of information security or privacy related regulations/guidelines (e.g. GLBA, CCPA, GDPR, FFIEC).
- Extensive knowledge in network, function, design, and architecture.