Director of Information Security
St. Cloud, Minnesota, United States of America
Full Time
2 hours ago
$120,000 - $190,000 USD
No H1B
Key skills
CloudCyber SecurityFirewallsSDLCTCP/IPLeadershipRisk ManagementChange ManagementCommunicationNetwork Security
About this role
Role Overview
- Lead and continuously evolve the Bank’s Information Security Program aligned with regulatory frameworks.
- Conduct or direct annual enterprise-wide IT risk assessments and identify threats and vulnerabilities.
- Develop and execute a multi-year enterprise security roadmap aligned with business strategies.
- Manage the cybersecurity self-assessment process and ensure findings are documented and reported.
- Serve as the primary security advisor to executive leadership and Board committees.
- Oversee the security alignment of IT architecture including network, cloud platforms, and core banking integrations.
- Ensure compliance with notification requirements of all relevant regulatory agencies.
- Develop policies for enterprise-level risk and compliance requirements.
- Maintain the Bank’s state breach notification matrix and coordinate customer notification processes.
- Ensure cyber resilience testing and conduct regular tabletop exercises.
Requirements
- 10+ years of progressive experience in cybersecurity, infrastructure security, or enterprise technology risk.
- Experience in a regulated financial institution (OCC or FDIC supervised preferred).
- Demonstrated experience leading security strategy in cloud or hybrid environments.
- Experience overseeing third-party and fintech technology risk.
- Demonstrated ability to lead cross-functional initiatives.
- Experience engaging directly with regulators and auditors.
- Strong program management capabilities.
- Proven working knowledge of requirements for GLBA, SOC, FFIEC and PCI and OCC and FDIC guidance on data security and IT examination requirements.
- Experience with auditing processes, including Network Security, SDLC/Change Management and IT related functions.
- Knowledge of the global IT Risk Regulatory Landscape and Risk Management Model (e.g. Threats, Vulnerabilities, and Controls)
- Strong technical skills (application and operating system hardening, vulnerability assessments, security audits, TCP/IP, intrusion detection systems, firewalls, etc.)
- Experience in developing and maintaining a technology Risk Assessment process.
- Must possess a high degree of integrity and trust along with strong communication skills and ability to work individually, within a team and with other business groups.
- Experience or understanding of Disaster Recovery, Business Continuity, and Incident Response initiatives.
- Must have ability to develop policies and procedures and communicate effectively.
- Understanding of federal and other regulatory requirements and the ability to keep current.
- Experience working with federal examiners.
- Must be open to working on-call.
- BS/MA degree in related technical and security disciplines.
- Certifications in data security and/or auditing procedures not required but preferred.
- Familiarity with banking related software (Fiserv preferred).
Tech Stack
- Cloud
- Cyber Security
- Firewalls
- SDLC
- TCP/IP
Benefits
- Employee Stock Ownership Plan & 401k Plan
- Healthcare (Medical, Dental, Vision, Telehealth, Life insurance)
- 12-week Paid Parental Leave and Medical Leave: With a cap of 20 weeks for eligible team members who qualify for both Medical and Parental Leave related to the birth of a child
- $5,000 Family Care Reimbursement: Childcare, Elder Care, Student Loan Debt, Pet expenses, Down Payment Assistance
- PTO from 13 to 23 days depending on tenure. Cashout and Carryover options
- 10 Days Sick Time
- 11 Paid Holidays
- 4 Days Volunteer Time
- 2 Days Self Allowance Time
- Tuition Assistance