Contact Us Locations
ALMA Bank, headquartered in Long Island City, New York and having 12 branches located throughout Queens, NYC, New Jersey, Brooklyn and the Bronx, brings personal service back to personal banking. We have genuine banking professionals ready to serve our customers, and offer a full range of products and services. ALMA delivers a private banking style experience to our business banking customers.
Come join our winning team!
ALMA Bank is currently looking to hire an Information Security Officer. This position will be located in Long Island City, NY.
The Information Security Officer is responsible for oversight of the Information Security Department and responsible for the execution of the Bank’s Information Security, Data Governance, and Business Continuity Programs.
• Develop, implement and monitor a strategic, comprehensive enterprise information security program to ensure the integrity, confidentiality and availability of data.
• Document and maintain a risk assessment framework covering information security, data governance and business continuity.
• Develop and maintain information security policies, standards and guidelines.
• Oversee the approval, training, and dissemination of information security policies, standards and guidelines.
• Develop and oversee effective business continuity and disaster recovery policies and standards to align with enterprise business continuity management program goals. Coordinate the development of implementation plans and procedures to ensure systems are recovered in the event of a security event.
• Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action.
• Manage security incidents and events to protect corporate assets, including intellectual property, regulated data and the company's reputation.
• Partner with the Enterprise Risk Management to define standards and processes and provide subject-matter expertise to oversee vendor information security risk and periodic audits of third-party service providers' information security and business continuity controls.
• Provide regular and consistent reporting on the current status of the information security program to enterprise risk teams, senior business leaders and the board of directors as part of the strategic enterprise risk management program
• Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls.
• Define and facilitate the information security risk assessment process, including the reporting and oversight of treatment efforts to address findings.
• Develop and manage information security budgets, and monitor them for variances.
• Responsible and accountable for the day-to-day implementation and management of the Information Security Program.
• Promote awareness of applicable regulatory standards, upstream risks and industry best practices across the Bank.
• Lead information security awareness and training initiatives to educate workforce about information risks.
• Lead an incident response team to contain, investigate, and prevent future computer security breaches.
• Review and verify in a daily, weekly and monthly basis user access to applications and systems.
• Serve on and support the efforts of the IT Steering Committee.
• Address questions from internal and external audits and examinations.
• Analyze and track reports of inappropriate use of technology and institutional/personal information, including computer security incidents, and guide the investigation and resolution of such incidents.
• Responsible for the direction, coordination, implementation, executive, control and completion of strategic projects, while remaining aligned with strategy, commitments and goals of the organization.
• Must have 5+ years’ experience in banking regulatory compliance or similar work experience in compliance or risk management.
• Must have extensive knowledge of privacy and data protection laws, regulations and best practices, including GLBA; GRC tools and implementation; data breach handling and cross-border data transfer requirements and industry standards/frameworks (NIST, ISO27k, COBIT 5, FFIEC).
• Strong presentation and written communication skills and the ability to analyze and make effective, business-centric recommendations to business leaders and senior management.
• Experienced developing a comprehensive security program, including risk assessment framework.
• Working experience in project management.
• Must have security certification CISM, CISSP, or equivalent.
Alma Bank is an Equal Opportunity Employer that welcomes and encourages all applicants to apply regardless of age, race, sex, religion, color, national origin, disability, veteran status, sexual orientation, gender identity and/or expression, marital or parental status, ancestry, citizenship status, pregnancy or other reason protected by law.
No Agencies Please
© Copyright 2021 ALMA Bank - All rights Reserved.
Your privacy is very important to us. We would like to advise you that Internet email is not secure. Please do not submit any information that you consider confidential. We recommend you do not include your social security or account number or other specific identifying information.
You are leaving ALMA Bank's website and linking to a third party site. Please be advised that you will then link to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of ALMA Bank. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. ALMA Bank assumes no liability for the content, information, security, policies or transactions provided by these other sites.