Information Security Controls Specialist
Middletown, CT 06457, USA Req #1446
Wednesday, January 3, 2024
At Liberty, we are proud to integrate our Diversity, Equity and Inclusion (DE&I) throughout all functions and areas of the Bank in order to maximize our impact and exceed goals. We believe that deepening our DE&I strategies in the workplace and communities we serve, creates a much better place to work for our teammates and a safe place where our customers are connected and supported. We take pride in promoting through initiatives and investment a socially responsible and sustainable future.
SUMMARY OF THE JOB :
Reporting to the Chief Information Security Officer ("CISO") the Information Security Controls Specialist ("ISCS") is primarily responsible for supporting the Bank's Information Security Program ("ISP") through completion of information security control design and effectiveness testing and performance of oversight functions to ensure continued effectiveness of the ISP. Additionally, the ISCS supports broader ISP components such as, internal / external audits, and training and awareness; takes ownership of a number of related initiatives underway; and provides operational and program-level support as directed by the CISO. The incumbent will be knowledgeable and have demonstrated experience in information/cyber security controls assessment, execution of broader risk management functions, and other information security general concepts.
Essential Functions
Facilitate and conduct risk evaluation, control design and operating effectiveness testing of information security controls;
Analyze control weaknesses to identify root cause and recommend improvements;
Assist in coordinating internal and external testing of cybersecurity controls;
Perform initial and periodic assessments of risk on the Bank's information and technology assets;
Support business stakeholders and Information Technology in the development of risk response plans;
Conduct evaluations of vendor security controls to ensure they align with the Bank's Information Security policies and standards.
Provide consultation on projects, initiatives and related requests;
Collaborate with Information Technology in the identification, assessment, monitoring and reporting on new and emerging threats and vulnerabilities;
Provide support for the continued maintenance of key information libraries (e.g., risk, controls, etc.) within the Bank's integrated risk management platform;
Aid in security awareness and culture initiatives for the Bank.
Implement key risk oversight functions in support of the information security assurance and continuous monitoring program;
Maintain current knowledge of systems and technologies (e.g., Microsoft, Linux, Unix, etc.) as well as acquiring knowledge of emerging technologies (Cloud), risks, and threats.
Build strong relationships with technology subject matter experts within the Information Technology and Cybersecurity groups.
MINIMUM REQUIREMENTS:
Education and Experience:
The competencies for this position would typically be acquired through a Bachelor level degree or equivalent education in an information systems or security related concentration with at the least three ("3") years of experience in information security risk management.
Business Competencies:
IT audit, IT risk management or IT compliance experience with a Bachelor's Degree in computer related field or equivalent;
Certification in information security and/or audit (e.g., CISA, Security+, CISSP, SSCP, GSEC, etc.) is required;
Strong knowledge of security and regulatory control frameworks such as NIST CSF, NIST 800-53, CIS Top 18, FFIEC and others;
Working knowledge of information security methodologies, policies, standards and procedures, more specifically information security risk management;
Ability to comprehend and communicate effectively; including facilitation and presentation to technical and non-technical audiences including, but not limited to, Information Technology, Business Line Managers and other stakeholders.
Ability to multi-task while still maintaining appropriate attention to detail.
Ability to manage and execute tasks/assignments on multiple projects, initiatives and/or work streams simultaneously.
Strong analytical skills with the ability to apply creative thinking and balanced approaches to solving complex business problems is required.
Strong ability to translate objectives into work plans, products and tasks and deliver quality results on time and within scope.
Strong ability to maintain focus, complete objectives and achieve results in a changing and evolving work environment.
Strong ability to adapt to changing priorities and work assignments.
Strong ability to work independently, under limited direction, in the completion of assigned work;
Financial services provider experience preferred.
Technical Skills:
Working knowledge of Information Technology concepts, hardware (e.g., server, network, etc.), core software (e.g., operating systems, databases); operational practices (e.g., identity management, change control, asset management, etc.) and related security capabilities (e.g., firewall, routers, IDS/IPS, SIEM, DLP, etc.).
Working knowledge of common productivity software applications (i.e., MS Outlook, Word, Excel, PowerPoint, etc.)
PHYSICAL REQUIREMENTS:
General Office Equipment
Keyboard Dexterity
Lifting/carrying up to 25 lbs.
Use of general office equipment
Ability to travel
COMPLIANCE
Acts affirmatively in all activities under his/her control in conformance with the Bank's Affirmative Action, Equal Employment Opportunity, and Fair Lending Programs to achieve the Bank's goals and objectives. The bank shall provide equal employment opportunity to all qualified persons, and continue to recruit, hire, train and evaluate persons in all jobs without regard to race, color, religion, sex, national origin or veteran status.
Liberty Bank is an Equal Opportunity employer. It is the policy of Liberty Bank to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.
*LI-HYBRID
Other details
Job Family Operational Risk Mgmt
Job Function Staff
Pay Type Salary
Apply Now
Middletown, CT 06457, USA
#J-18808-Ljbffr
