Information Security Officer
Company: ConnectOne Bank
Location: Englewood Cliffs
Posted on: November 20, 2022
The purpose of this role is to support the core mission of
ConnectOne Bank to achieve the highest standards of information
risk and cyber security within the Bank. The candidate will monitor
the Bank's commitment to preserving the confidentiality, integrity,
and availability of all the physical and electronic information
assets throughout the Bank. The candidate will plan, direct, and
coordinate the Bank's data and cybersecurity policies and
guidelines to ensure that all information systems are secure, and
safeguarded throughout the Bank and follow privacy, customer trust
and information security laws and regulations applicable to
financial institutions. Key Responsibilities
- To apply a deep understanding of industry standards relating to
current data/cyber security products and data/cyber security
- To help represent the Bank on project boards that have a strong
security posture to ensure that appropriate actions are taken to
ensure continued compliance with corporate data security standards.
As well as prepare written reports as needed.
- To monitor appropriate segregation of duties within and across
- Responsible for Incident Response Plan and annual testing of
- Responsible for ensuring training is sufficient and encompasses
current policies and procedures.
- To document, implement and review data and cybersecurity
policies and risk assessments that affect all business units within
the Bank and support the IT Risk Management process.
- Ensure that data and cyber security policies are implemented,
enforced, and monitored and to ensure the Bank embraces a culture
- To provide leadership as well as ensuring the technical and
administrative support for the development and maintenance of
Business Continuity and Business Impact Analysis programs for the
- Review the results and responses for the annual health check of
all Bank IT infrastructure systems and facilities, to include, but
not restricted to, the following: (a) a full penetration test, (b)
a network summary that will identify all IP addressable devices,
(c) network analysis, including exploitable switches and gateways,
(d) vulnerability analysis, including patch levels, poor passwords
and services used, (d) exploitation analysis.
- Review the results of the data protection audit making
recommendations for improvements. This will involve liaison with
senior staff across the organization.
- Ensure that all information security incidents are recorded and
assist in the investigation ensuring that all 'evidence' related to
any incident is recorded and maintained for legal retention
- To monitor the Bank's Intranet site, ensuring that it contains
the most up-to-date and accurate information with regards to
- To actively promote best practices across the Bank relating to
the use of email, anti-virus software and Internet access.
- To use and assist others in the use of information technology
systems to carry out duties in the most secure manner.
- In-depth knowledge and experience in the following
information/cyber security areas.
- Information/cybersecurity assessment from both technical and
- Vulnerability scanning and auditing tools
- Enterprise-scale network, host-based IDS architectures firewall
- Computer investigation and forensics methods and
- E-commerce application security Skills
- Strong knowledge of regulatory bodies, and the regulations and
guidance issued by these bodies, overseeing banks, and financial
services organizations, such as FDIC, FinCEN, FRB and OCC.
- Strong knowledge of privacy laws, such as GLBA and SOX
- Must possess strong project management and leadership aptitude;
demonstrated professionalism in managing multiple projects and
- Should have experience with business continuity planning,
auditing, and risk management, as well as contract and vendor
- Outstanding communication skills- must be proficient
communicating across all levels of the organization as well as
building successful relationships.
- Strong People First interest and ability Other Requirements
- Minimum 8+ years of progressive experience in Information
Technology/Cyber Security and banking industry
- Must be an intelligent and persuasive leader who can serve as
an effective member of the senior management team and who is able
to communicate security-related concepts to a broad range of
technical and non-technical staff. Acting as a bridge between IT
and business process owners.
- Certification such as CISA, CISM or CISSP
- Bachelor's Degree in computer science, accounting or related.
ConnectOne Bank is an equal opportunity employer and does not
discriminate with respect to any term, condition or privilege of
employment based on race, color, religion, sex, sexual orientation,
gender identity or expression, age, disability, military or veteran
status, marital status, or status of an individual in any group or
class protected by applicable federal, state, or local law.
ConnectOne Bank also provides reasonable accommodations for
qualified individuals with disabilities in accordance with the
Americans with Disabilities Act and applicable state and local
laws. If an accommodation is needed to participate in the job
application or interview process, please contact Talent
Keywords: ConnectOne Bank, Yonkers , Information Security Officer, Other , Englewood Cliffs, New York
Didn't find what you're looking for? Search again!