Job Specifications
International Bank seeks a Chief Information Security Officer:
Key Responsibilities:
Implement and oversee the development, implementation, and maintenance of the Information Security Program in alignment with established cybersecurity responsibilities, head office policies, and local regulatory requirements
Define branch-specific Information Security requirements and assess the impact of emerging technologies, threats, countermeasures, and regulatory changes on the bank’s security level
Serve as the central point of contact and escalation instance for information security issues and conflicts of interest, both internally and externally, including regulatory liaison
Coordinate and track the investigation, escalation, and remediation of security incidents and breaches, fulfilling all local and regulatory reporting obligations (including mandated NYCRR500 notifications)
Define and review service level agreements (SLAs) for IT and second line support services in the context of information security
Advise and support business units in understanding and implementing security requirements, including third party/vendor relationships and contract negotiations
Plan and deliver targeted security awareness and training initiatives for employees at the New York branch
Coordinate and support regulatory self-assessments, compliance reviews, and regular cyber risk and threat analyses (including penetration testing, data leakage risk assessments, and NYCRR500-specific requirements)
Collaborate closely with IT, business lines, and group functions to develop and implement effective technical and organizational security measures
Stay up to date on current and emerging regulatory requirements, technologies, threats, and best practices relevant to information and cyber security in the financial sector
Requirements:
8 to 10 plus years of experience in information and cyber security within the banking industry
Profound knowledge of US and NY regulatory requirements (NYCRR500, DFS 500, FFIEC) and best practices (e.g. ISO 27001)
Experience in risk management, incident handling, and audit support
Recognized security certifications (e.g. CISSP, CISM, CRISC) are an advantage
Strong analytical, organizational, and communication skills
About the Company
Stone Management is an executive recruitment firm, founded in 1987. Our corporate clients and candidates appreciate our personal attention and integrity. We have built our reputation by successfully serving clients specializing in: Accounting, Finance and Marketing/Advertising, Human Resources, Financial Systems, Brokerage Operations, etc. We serve the following industries: financial services, media, communications, entertainment, publishing, and social media. Applying the latest in recruitment technologies, Stone Managem...