Job Details
**Description**
Information Security Officer
Walpole Co-operative Bank
Walpole, MA
About Walpole Co-operative Bank
Walpole Co-operative Bank is a community bank dedicated to meeting the needs of the communities we have served for the last century. Our office is located in the heart of Walpole and our focus has always been helping local people, businesses and non-profit organizations reach their goals. Our perspective is unique because it is local and hyper-focused on the specific needs of our wonderful community. We are a high performing, financially sound independent community bank. Our commitment is to provide quality banking solutions that support the economic vitality of the individuals and businesses within the markets we serve. This commitment strengthens local com munities, creating a positive impact on peoples lives. Walpole Co-operative Bank believes in rewarding its employees for their hard work and contributions to the team. Full-time employees enjoy a comprehensive benefits package including 401(k).
Positio n Summary
Walpol e Co-operative Bank is seeking an Information Security Officer , r eporting directly to the President and Chief Executive Officer . The Information Security Officer will be responsible for planning, implementing, and maintaining information s ecurity controls to safeguard the Banks corporate, customer, and employee data against intentional or unintentional disclosure, modification, or destruction while ensuring the confidentiality, integrity, and availability of the Banks information assets.
Information Security Officer Job Responsibilities
* Oversee the Information Security Program, including policies, procedures and standards while adhering to suitable information security frameworks and relevant best practices
* Maintain effective information security and asset-based risk assessments designed to evaluate inherent risks, controls, and residual risks; ensure appropriate security controls and processes are in place to mitigate residual risks
* Oversee the Information Security Awareness Program, incl uding ongoing development and training
* Maintain the Incident Response Policy and procedures, and co-leads with the Banks Security Officer on the Banks Incident Response Team, including ongoing development, training, and testing
* In conjunction with the IT Director , m aintains the Business Continuity Program, including ongoing development, training, and testing
* Analyze current business processes and future projects to determine applicable information security and possible business continuity requirements and provide best practice recommendations
* Maintain the Vendor Management Program, including oversight of the ongoing review of vendors and contracts
* Establish and maintain professional relationships with employees, service providers, industry experts, regulat ory agencies, and law enforcement
* Maintain the Identity Theft/Red Flags Program, Corporate Account Takeover (CATO), including ongoing development and training , in conjunction with the Vice President, Deposit Operations Officer.
* Monitor and evaluate applic able regulations, industry trends, and best practices; implement changes to policies, procedures, and standards when needed to ensure compliance
* Subscribe to and participate in various information security forums hosted by industry and regulatory agencies, including the Federal Reserves Information Security and Cyber Threat Forum and the Massachusetts Bankers Associations Chief Information Officer (CIO) Sessions
* Discuss and promote various information security topics for various committees
* Report monthly information security summaries and annual program updates to the Board of Directors, including incident response items
* Review security-related controls and systems to ensure compliance with bank policies and procedures; follow-up on detected security issue s and implements solutions to reduce security risk
* Review s security -related controls on a daily, weekly, and monthly basis. L ogs, and reports, including those for anti-virus, email, firewall, IPS/IDS, operating system, patch, VPN, vulnerability scans, and web traffic; escalate concerns and issues of non-compliance with the Banks policies, procedures, and standards for potential risk mitigation or risk acceptance
* Participate in internal and external audits and reviews applicable to information security, inc luding information technology and privacy
* Participate in Community Reinvestment activities; may participate in selected community or civic organizations and target and meet community needs through product development and promotion
* Meet compliance/audit goa ls and objectives, as well as company strategic goals
* Attend Board meetings, Compliance Committee, Audit Committee, Information Technology Steering Committee, and manager meetings as required
Information Security Officer Education, Experience, and Skills
* Bachelors degree in Computer Information Systems, Information Security or a technology- related field
* Minimum 5 years experience in an information security or information technology required; banking/financial service experience preferred
* Current Certif ied Information Systems Security Professional (CISSP) or willingness to obtain certification is required.
* Strong knowledge and experience in information security/asset-based risk assessments , data protection , patch/vulnerability management , architecture ha rdening and security ( e.g., firewalls, virtualization, Windows OS)
* Strong knowledge of regulatory bodies and regulations issued by these bodies, including the Federal Reserve Board, FFIEC, and FinCEN
* Strong knowledge of privacy laws, such as the Gramm-Lea ch-Bliley Act (GLBA)
* Experience with business continuity planning and/or vendor management is preferred
* Experience with the Microsoft Office Suite
* Exceptional communication skills with the ability to interact with all levels of an organization
* Strong prese ntation skills ; policy writing ex perience
* Minimal travel may be required for attendance at seminars and/or meetings
* Excellent interpersonal skills
* Ability to adapt to a fast-moving threat landscape, and keep pace with new thinking and technologies
* Efficie nt multitasking and time management
* Creative thinking skills
Disclaimers: Applicants, as well as position incumbents, who become disabled as defined under the Americans with Disabilities Act must be able to perform the essential job functions (as listed) either unaided or with the assistance of a reasonable accommodation to be determined by management on a case by case basis.
Walpole Co-operative Bank is committed to the principle of equal employment opportunity. Applicants for employment and employees are reviewed on their individual qualifications for a position. Under no circumstances will Walpole Co-operative Bank discriminate against qualified persons on the basis of race, color, religious creed, retaliation, national origin, ancestry, sexual orie ntation, gender, gender identity/expression, disability, mental illness, genetics, choice of health insurance, marital status, age, veteran status, or any other basis prohibited under applicable law.
WCB1