Data Privacy & Security Manager
Ocean Bank · Miami, FL · 2 mo ago
Information TechnologyFull-time
Responsibilities
- Drive and maintain privacy and information security policies, standards, and annual manual reviews.
- Lead vendor security due diligence, risk scoring, and ongoing monitoring (including AI/vendor risk considerations).
- Perform and coordinate key regulatory/security assessments (e.g., SWIFT CSP, Fedline, GLBA/FDICIA/FACTA reviews).
- Oversee risk assessments for restricted information and ensure timely resolution of security violations.
- Collaborate closely with the CISO & Head of Security, Compliance, IT, and Marketing on incident response, breach notification, and regulatory communications, State and Federal regulators in accordance with legal and policy obligations.
- Prepare clear reporting and presentations for Management and the Board.
- Aid in developing and delivering employee training on privacy and information security.
- Serve as a point of contact for regulatory agencies and internal auditors.
Qualifications
- Education/Experience: Bachelor’s degree in Information Security, Accounting, Cybersecurity, Computer Science or Risk Management related. 5+ years of experience working with data security, compliance, Information Technology, IT Audit, and in conducting regulatory research.
- Knowledge of laws and regulations affecting individual privacy, electronic security and/or information technology. Familiarity with FFIEC, FDIC, GLBA, FACTA, SWIFT CSP, Fedline requirements.
- Broad range of technical knowledge about systems, networks, and telecommunications (SWIFT, CSP, Feldline, DLP). Combination of education and experience will be considered.
Skills & Competencies
- Must be proficient in the use of personal computer(s) that utilize a variety of operating systems (e.g., Microsoft Windows XX, Macintosh, linux).
- Must have familiarity of, or the ability to gain a fundamental understanding of prevailing laws such as Federal Trade Commission's Red Flag Rules, Gramm-Leach-Bliley Act (GLBA), BSA, FFIEC.
- Ability to interpret SOC reports, FDICIA, and regulatory guidelines.
- Policies Development & Governance: Creating and maintaining security/privacy manuals. Strong project management and policy development skills.
- Must possess strong organizational, analytical, interpersonal, problem solving, written and verbal communication skills. Must be able to handle confidential and sensitive information.
- Computer proficient in MS Software, (e.g. Excel, Word, and Outlook).
Preferences
- Experience working in the Banking industry and auditors.
Licenses/Certifications
- CISM (Certified Information Security Manager), Highly preferred
- CISA (Certified Information Systems Auditor), Highly preferred
- CISSP (Certified Information Systems Security Professional), Preferred
- CIPM or CIPP (Privacy certifications), Preferred
- CRISC (Certified in Risk and Information Systems Control), Preferred
- CompTIA Security+ or Certified Ethical Hacker (CEH) for technical depth, Preferred