Lead security-related projects of moderate to advanced complexity through the application of skills, tools and techniques that deliver assigned processes and systems in accordance with and/or exceeding stakeholder needs and expectations. Plan and execute security-related activities and resources to ensure that established cost, time, and quality goals are met. Provide SME-level support for Identity and Access Management (IAM) implementation and the Data Management program. Act as an advocate for information security awareness and education and ensure the user community’s adherence to the established information security policies, procedures, standards, and protocols.
1. Define, review and enforce information security policy standards and guidelines for business operations and technology implementations.
2. Proactively identify IT security risks with new technology vendors, IT technical software and hardware application implementations and/or business operational processes and procedures. Work with software development teams to define security objectives and guidelines. Conduct vendor risk assessment due diligence.
3. Conduct security assessments and audits. Identify security issues and risks, and develop and implement mitigation plans with appropriate business leaders.
4. Conduct forensic IT and incident management. Assist with group and/or company-wide IT security matters such as incident response, intrusion detection management and IT security advisories. Participate in incident handling and post-incident assessments as assigned.
5. Architect, design, implement, support, and evaluate security-focused tools and services. Analyze and recommend new and emerging security products and technologies. Assess applicability to company operations, perform cost/benefit analysis and prepare and present findings to management.
6. Develop and deliver training materials and perform general security awareness and specific security technology training. Evangelize security within the company and be an advocate for customer trust.
7. Develop and interpret security policies and procedures. Respond to questions from internal and external teams regarding security policies, processes, and/or procedures. Advise clients as needed on the best solution to an issue or question.
8. Develop, implement, and maintain the IAM strategy, policies, and procedures.
9. Knowledge and understanding of regulations and industry standards, including but not limited to PCI-DSS, NIST CSF, ISO 27001, and GLBA.
10. Knowledge and understanding of national and international data protection and privacy legislation and requirements including but not limited to CCPA and GDPR.
11. Formulate, enforce, and inspect data management policies and procedures to ensure data confidentiality, integrity, and availability.
12. Participate in security project implementations, projects that develop new intellectual property, and security compliance efforts (e.g. PCI-DSS, GLBA and SOX).
13. Participate in tier 2 and tier 3 security operations support.
14. Mentor junior members of the team.
15. Perform other related duties as assigned.
• An undergraduate degree in a related field or an equivalent combination of training and experience. A graduate degree with a background in information security and business management disciplines is a plus.
• A minimum of 7 years of information security-related experience.
• At least one relevant professional certification, such as CISSP, CISA, or CISM
• Experience with IAM implementation requirements and tools
• Experience with data privacy and data protection regulatory requirements
• Experience managing projects or programs to achieve information security objectives
• Strong working knowledge and understanding of current technology and regulatory trends affecting financial institution information security programs. A broad-based knowledge of technology trends in multiple areas is preferred
• Excellent verbal, written, and interpersonal communication skills
• A team player able to work effectively in a team-fostered, multi-tasking environment to ensure security compliance.
• Ability to influence others in a wide range of positions and levels during projects
• Demonstrated ability to analyze security and technology control effectiveness.
• Able to effectively prioritize and execute tasks in a high-pressure environment.
The Bancorp Bank, N.A. is an EQUAL OPPORTUNITY EMPLOYER and will not discriminate on the basis of race, color, religion, gender, gender identity, sexual orientation, pregnancy, citizenship, national origin, age, disability, genetic information, veteran status or other protected category with respect to recruitment, hiring, training, promotion, and other terms and conditions of employment.
Employment with The Bancorp Bank, N.A. includes successfully passing a background check including credit, criminal, education, employment, OFAC, and social media background history.