Jobs · Information Technology · Utah

Information Security Officer

Fortis Bank · Midvale, UT · 1 wk ago
Information TechnologyFull-time

Responsibilities

  • Develop, implement, and maintain the bank's information security policies, procedures, and standards in alignment with regulatory requirements and industry best practices.
  • Lead risk assessments, vulnerability management, and security incident response efforts, including coordination with internal teams and external partners during security incidents.
  • Oversee the design and execution of security controls for IT systems, networks, cloud environments, and third-party vendors.
  • Conduct regular security audits, IT risk assessments, penetration testing, and compliance reviews to identify and remediate potential weaknesses.
  • Collaborate with senior leadership to integrate security into business processes, including new product launches and technology acquisitions.
  • Manage security awareness training programs for employees and ensure ongoing education on emerging threats.
  • Prepare and present reports on security metrics, risks, and compliance status to executive management and the board of directors.
  • Manage the business continuity/disaster recovery program for the Bank, including annual tabletop exercises.
  • Stay abreast of evolving cyber threats, regulatory changes, and technological advancements to proactively enhance the bank's security posture.
  • Cook up with regulators during examinations and audits, ensuring timely response to findings and implementation of corrective actions.

Requirements

  • Bachelor's degree in Information Security, Computer Science, or a related field; Master's degree preferred.
  • Minimum of 7-10 years of experience in information security, with at least 3 years in a leadership role within the banking or financial services industry.
  • Proven experience with FDIC examinations, including preparation, participation, and follow-up on findings for banks with assets in the $1-2 billion range.
  • Demonstrated expertise in conducting and managing other relevant audits, such as financial statement audits, IT general controls audits, and compliance reviews typical for mid-sized community banks (e.g., under GLBA, FFIEC guidelines, and BSA/AML frameworks).
  • Hands-on experience implementing cybersecurity frameworks, including CRI Profile of NIST Cybersecurity Framework (CSF) 2.0 and CIS 8.1, with a track record of mapping controls to regulator requirements.
  • Professional certifications such as CISSP, CISM, CRISC, or equivalent.
  • Strong knowledge of security technologies, including firewalls, intrusion detection/prevention systems, encryption, and endpoint protection.
  • Excellent communication skills, with the ability to translate complex technical concepts to non-technical stakeholders.
  • Able to work in a fast-paced environment and manage multiple priorities effectively.
  • Strong organizational time management skills, problem solving skills, and the ability to quickly grasp concepts and processes with limited guidance from management.
  • Strong written and verbal communication skills.
  • Must be able to work in a team environment with the ability to interact well, and in a positive manner, with co-workers and management.
  • Strong written and verbal communication skills.
  • A positive and collaborative approach with both peers and management.
  • Versatility, flexibility, and a willingness to work on consistently changing priorities with enthusiasm.

Qualifications

  • Bachelor's degree in Information Security, Computer Science, or a related field; Master's degree preferred.
  • Minimum of 7-10 years of experience in information security, with at least 3 years in a leadership role within the banking or financial services industry.
  • Proven experience with FDIC examinations, including preparation, participation, and follow-up on findings for banks with assets in the $1-2 billion range.
  • Demonstrated expertise in conducting and managing other relevant audits, such as financial statement audits, IT general controls audits, and compliance reviews typical for mid-sized community banks (e.g., under GLBA, FFIEC guidelines, and BSA/AML frameworks).
  • Hands-on experience implementing cybersecurity frameworks, including CRI Profile of NIST Cybersecurity Framework (CSF) 2.0 and CIS 8.1, with a track record of mapping controls to regulator requirements.
  • Professional certifications such as CISSP, CISM, CRISC, or equivalent.
  • Strong knowledge of security technologies, including firewalls, intrusion detection/prevention systems, encryption, and endpoint protection.
  • Excellent communication skills, with the ability to translate complex technical concepts to non-technical stakeholders.
  • Able to work in a fast-paced environment and manage multiple priorities effectively.
  • Strong organizational time management skills, problem solving skills, and the ability to quickly grasp concepts and processes with limited guidance from management.
  • Strong written and verbal communication skills.
  • Must be able to work in a team environment with the ability to interact well, and in a positive manner, with co-workers and management.
  • Strong written and verbal communication skills.
  • A positive and collaborative approach with both peers and management.
  • Versatility, flexibility, and a willingness to work on consistently changing priorities with enthusiasm.

Skills

  • Strategic thinking
  • Regulatory compliance
  • Risk assessment
  • Security incident response
  • IT system security
  • Cloud environment security
  • Third-party vendor security
  • Security audits
  • Penetration testing
  • Compliance reviews
  • Business process integration
  • Security awareness training
  • Business continuity/disaster recovery
  • Evolving cyber threats
  • Regulatory changes
  • Technological advancements
  • FDIC examinations
  • Financial statement audits
  • IT general controls audits
  • Compliance reviews
  • Security frameworks (CIS 8.1, NIST CSF 2.0)

Benefits

  • Competitive salary commensurate with experience.
  • Employee stock purchase plan.
  • Health, dental, and vision insurance.
  • 401(k) retirement plan with company match.
  • Flexible work schedule.
  • Professional development opportunities.
  • Work-life balance initiatives.

Pay

  • Competitive salary commensurate with experience.

Schedule

  • This position is required to be in the office 5 days per week.

Similar jobs

Security Officer

Lifepoint Health®Hancock, MI· 2 wk ago
Information Technologyapply on jobs.lifepointhealth.net

Security Officer

Securitas Security Services USA, Inc.Solway, MN· 1 wk ago
Information Technology$17/hrapply on ekaw.fa.us2.oraclecloud.com

Security Officer

Securitas Security Services USA, Inc.Auburn Hills, MI· 1 wk ago
Information Technology$20/hrapply on ekaw.fa.us2.oraclecloud.com

Security Officer

Pacific SecurityMoses Lake, WA· 2 wk ago
Information Technology$17.5–$18.5/hrapply on pacsecurity.exacthire.com

Security Officer

Prairie MeadowsAltoona, IA· 2 wk ago
Information Technology$20/hrapply on workforcenow.adp.com

SECURITY OFFICER

Oneida HealthOneida, NY· 2 wk ago
Information Technologyapply on paycomonline.net