Information Security Officer
Responsibilities
- Develop, implement, and maintain the bank's information security policies, procedures, and standards in alignment with regulatory requirements and industry best practices.
- Lead risk assessments, vulnerability management, and security incident response efforts, including coordination with internal teams and external partners during security incidents.
- Oversee the design and execution of security controls for IT systems, networks, cloud environments, and third-party vendors.
- Conduct regular security audits, IT risk assessments, penetration testing, and compliance reviews to identify and remediate potential weaknesses.
- Collaborate with senior leadership to integrate security into business processes, including new product launches and technology acquisitions.
- Manage security awareness training programs for employees and ensure ongoing education on emerging threats.
- Prepare and present reports on security metrics, risks, and compliance status to executive management and the board of directors.
- Manage the business continuity/disaster recovery program for the Bank, including annual tabletop exercises.
- Stay abreast of evolving cyber threats, regulatory changes, and technological advancements to proactively enhance the bank's security posture.
- Cook up with regulators during examinations and audits, ensuring timely response to findings and implementation of corrective actions.
Requirements
- Bachelor's degree in Information Security, Computer Science, or a related field; Master's degree preferred.
- Minimum of 7-10 years of experience in information security, with at least 3 years in a leadership role within the banking or financial services industry.
- Proven experience with FDIC examinations, including preparation, participation, and follow-up on findings for banks with assets in the $1-2 billion range.
- Demonstrated expertise in conducting and managing other relevant audits, such as financial statement audits, IT general controls audits, and compliance reviews typical for mid-sized community banks (e.g., under GLBA, FFIEC guidelines, and BSA/AML frameworks).
- Hands-on experience implementing cybersecurity frameworks, including CRI Profile of NIST Cybersecurity Framework (CSF) 2.0 and CIS 8.1, with a track record of mapping controls to regulator requirements.
- Professional certifications such as CISSP, CISM, CRISC, or equivalent.
- Strong knowledge of security technologies, including firewalls, intrusion detection/prevention systems, encryption, and endpoint protection.
- Excellent communication skills, with the ability to translate complex technical concepts to non-technical stakeholders.
- Able to work in a fast-paced environment and manage multiple priorities effectively.
- Strong organizational time management skills, problem solving skills, and the ability to quickly grasp concepts and processes with limited guidance from management.
- Strong written and verbal communication skills.
- Must be able to work in a team environment with the ability to interact well, and in a positive manner, with co-workers and management.
- A positive and collaborative approach with both peers and management.
- Versatility, flexibility, and a willingness to work on consistently changing priorities with enthusiasm.
Qualifications
- Must be able to work in the office 5 days per week.
- The position is open in the Denver and Salt Lake City Markets.
Benefits
Fortis Bank offers a competitive benefits package designed to support the health, wellness, and financial security of our employees. This includes:
- Health, dental, and vision insurance plans.
- Paid time off, including vacation, sick leave, and holidays.
- Flexible spending accounts for healthcare and dependent care expenses.
- 401(k) retirement savings plan with company match.
- Employee assistance program for personal and professional development.
- Discounts on Fortis Bank products and services for employees and their families.
Pay
The salary range for this position is $120,000 - $150,000 annually, depending on experience and qualifications.
Schedule
This position is required to be in the office 5 days per week.
About Fortis Bank
Fortis Bancorp is the $1.3 billion bank holding company for Fortis Bank. Fortis Bank is a full-service bank that provides loans, deposits, and cash management services to businesses and their principals, with branch locations in Colorado and Utah. More information about Fortis Bank is available at www.fortisbankus.com. At Fortis Bank, we pride ourselves in being a partner to our clients by offering comprehensive banking solutions while building trusted, long-term relationships. Every role at Fortis is connected to our company strategy and can drive high impact. Each of our hand-selected and talented team members work closely together to contribute to the heart of our company culture that combines banking expertise and personalized service to create an unparalleled client experience. We recognize, reward, and develop those individuals who make an outsized impact to our client experience and are committed to driving our business forward. Fortis is Great Place to Work-Certified™ Join a team where your expertise and passion can make a meaningful impact. Learn more today at https://www.fortisbankus.com/working-at-fortis.