Senior Information Security Officer (Sr. BISO) - Technology

Job Description:

The Senior Technology Information Security Officer will be a member of the Business Information Security Officer's (BISO) organization and work closely with the line of business Front Line Units (FLU) / Operations (Ops) executives. In this role, you will support a team to develop a deep understanding of the business to facilitate specialized, risk-based information security discussions. This relationship will help prioritize the right risks and ensure effective guidance on information security topics, policies, and controls.

Scale/Scope

1. Contribute to ongoing information security initiatives, including development, implementation, and maintenance of security measures for FLU/Ops.
2. Serve as an Information Security subject matter expert, participating in the development, implementation, and maintenance of security protocols.
3. Provide guidance and advocate for investment prioritization impacting information security.
4. Advise management on risk issues related to information security and recommend appropriate actions aligning with the bank's risk management and compliance programs.
5. Monitor internal and external information security trends and keep leadership informed.
6. Manage quality control and reporting functions.
7. Ensure compliance with policies and legal requirements.

Risk Management

1. Drive GIS/FLU/Ops risk deliverables.
2. Collaborate with risk partners on critical information security priorities.
3. Participate in senior FLU/Ops risk management and business continuity routines.
4. Identify and evaluate global information security controls on key business processes or channels.

Required Skills

• 10+ years of experience in Information Security & Technology.
• 5+ years of risk management experience with proven ability to apply risk principles effectively.
• Subject matter expertise in application security, vulnerability testing, and risk appetite development.
• Experience evaluating cybersecurity controls and advising on platform security, including Cloud, PaaS, NoSQL, Big Data, and unstructured data stores like Cassandra, Hadoop, and Teradata.
• Knowledge of Windows, Midrange, and Mainframe platforms with emphasis on security and access controls.
• Exceptional communication and executive presentation skills.
• Strong influencing and problem-solving abilities.
• Comfortable communicating complex messages to diverse audiences.
• Strong leadership qualities to collaborate effectively across various management levels.

Desired Skills

• Bachelor's and/or Master's degree in Computer Science, Information Technology, or related fields.

This position will be open and accepting applications for at least seven days from the posting date.