Apply on Employer Site

Amalgamated Bank · 2 months ago

Chief Information Security Officer

New York, NY

Full-time

Hybrid

Director/Executive

$240K/yr - $260K/yr

10+ years exp

Amalgamated Bank is seeking a dedicated Chief Information Security Officer to be responsible for designing and implementing the Bank’s Information Security program while protecting the business from cyber security threats. This role involves managing a team, ensuring compliance with security laws, and continuously monitoring threats to the Bank’s operating environment.

Banking

No H1B

Responsibilities

Develop and maintain an Enterprise Information Security Program

Design a critical response process for Cyber Security incidents

Identify, report and control Cyber Security incidents

Manage and train Information Security staff and develop and deliver Information Security training to the Bank’s employees

Continuously monitor threats to the Bank’s operating environment

Approve and administer identity access policies

Maintain a current understanding of the IT and Cyber Security threat landscape for the industry

Ensure Bank compliance with relevant Information Security laws and applicable regulations

Lead, and assess the results of periodic security tests, including internal and external penetration testing and phishing

Schedule table-top exercises for Crisis Team and senior management and report findings to management, including implementation of recommendations

Review and approve Information Security policies, procedures and controls

Ensure that they are kept current and are communicated to staff/consultants

Ensure staff/vendor compliance with the Bank’s security policies and procedures

Manage a team of employees, contractors and vendors involved in Information Security

Brief the Executive Team on status and risks, overall strategy and necessary budget

Communicate best practices and risks to the Bank

Perform a risk assessment of the Bank’s vulnerabilities in the Cybersecurity landscape and develop the Bank’s risk appetite for Information Security

Develop Key Risk Indicators (KRIs) and dashboard metrics reporting to both the Management Team and the Board of Directors

Establish strong working relationships with the Heads of IT and business lines

Develop and present quarterly reports to the Board of Directors

Qualification

Enterprise Information Security ProgramCyber Security incident managementInformation Security trainingRisk assessmentData Privacy LawsInformation security engineeringCISSPCISACISMAnalytical skillsProblem solvingCommunication skillsPresentation skills

Required

Master's degree or equivalent experience

Minimum of ten (10) years of experience, at least five (5) years focused on managing information security in a complex, matrixed environment

Extensive experience in regulated industries, especially financial services; banking experience is preferred

Proven ability to create and maintain enterprise-level information security programs

Motivated individual with strong analytical, problem solving and root cause analysis skills

Ability to work on multiple, time-critical projects simultaneously

Knowledge of Data Privacy Laws

Working knowledge of information security engineering concepts and principles

Familiarity with DFS 500 and similar regulations

Experience working with external regulators, including NY DFS and FDIC

Excellent verbal and written communications, including presentation of complex data in easily, understood ways

Ability to confidently interact at multiple levels in the organization and lead cross-departmental team projects

Experience presenting to senior levels, including Board of Directors

Preferred

CISSP, CISA or CISM designations preferred

Company

Amalgamated Bank

For over a century, Amalgamated Bank has been America’s Socially Responsible bank supporting thousands of people, organizations, causes and businesses.

Founded in 1923

New York, New York, USA

201-500 employees