Information Security Officer

ESSENTIAL DUTIES AND RESPONSIBILITIES:

• Be knowledgeable about applicable financial regulations and state laws governing the banking industry.
• Develops, implements, reviews, and updates the Information Security Program, information security policy and information technology (IT) procedures to ensure that the bank complies with information security related regulatory requirements.
• Coordinates the Information Technology Risk Management Program inclusive of Third-Party Risk (Vendor) Management and application/system risk assessment. Conducts vendor risk assessments, maintains the information technology vendor/application inventory, and stores the IT vendor contracts.
• Ensures that all employees have access to pertinent security information and knowledge. Accountable for design, development, training, and release of security information.
• Responsible for determining bank information security standards. Develops and implements information security standards and procedures. Ensures that all information systems are secured. Identifies, reports, and resolves information security violations.
• Provides the overall Information Security program oversight through working with the Regional SVP’s.
• Provides Information Security Awareness Training and testing to Bank staff.
• Prepares information security related reports and presents them to the Board of Directors and Security & Risk Committee.
• Serves as a member of the Incident Response Team; participates in investigations and addresses information security incidents.
• Serves as an appointed member and Secretary of the Security & Risk Committee.
• Serves as a member of the BSA Committee.
• Assists Internal Audit with preparations for IT audits and exams including interface with external IT auditors and regulatory examiners.
• Maintains IT Change Control and Policy Exception tracking.
• Reviews daily iSeries monitoring reports for compliance with policy and procedures
• Monitors the network server SIEM alerts as they are issued by the MSSP, Jack Henry Gladiator and works with the IT department to investigate and resolve potential security incidents.
• Manage the E-mail Security products Egress Defend and Egress Prevent
• Responds to reports of malicious or potentially malicious e-mails ensuring that those e-mails are removed from all inboxes and incoming/outgoing blocks are applied.
• Manage the Bank’s ZIX e-mail encryption product.
• Manage the Bank’s Sharefile secure file sharing product.
• Perform other duties as assigned by supervisor including:
  • 4|Sight Item Processing systems administrator. Third line contact for user access to the Web Research application, and resolution of any processing totals balancing issues.
  • Assists the iSeries administrator with End of Year Processing tasks, parameter settings, tax form generation and printing, Tax form reporting to IRS.

MINIMUM EDUCATION AND EXPERIENCE:

• Bachelor’s Degree - Computer Science, IT, Accounting, Business and/or Finance
• Work Experience may be considered in lieu of a Bachelor’s Degree.
• Five or more years of information security related banking experience

MINIMUM SKILLS AND ABILITIES:

• Strong listening, written and verbal communication skills.
• Leadership and interpersonal skills
• Ability to handle confidential information.
• Working knowledge of Word and Excel
• Excellent networking skills
• Detail oriented and organized.
• Professional

COMPLIANCE: The employee has the responsibility to acquire and maintain the required knowledge of State and Federal Banking regulations and policies and those regulations and policies inherent to position requirements.

PHYSICAL DEMANDS: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.

While performing the duties of this Job, the employee is regularly required to talk and hear. The employee is frequently required to stand, walk and sit. The employee is occasionally required to reach with hands and arms. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision.

WORK ENVIRONMENT: Typical office environment.

CONFIDENTIALITY: Confidential information concerning a customer, system, design, program or product unique to First Bank & Trust Company shall not be used for personal gain. Such information shall not be revealed to any person outside the Bank without the consent of the individual or organization involved or as otherwise permitted by law.

The statements on this job description are intended to describe the general nature and level of work being performed. They are not intended to be an exhaustive list of all responsibilities, duties, and skills required. Employees may perform other duties as assigned. In addition, all First Bank and Trust employees are expected to:

• Promote teamwork and cooperative effort.
• Help train and give guidance to other employees.
• Maintain a clean, safe, and unobstructed work area.
• Provide customers with the highest quality of products and service.
• Understand and apply appropriate quality improvement processes.
• Comply with corporate policies and procedures.

First Bank and Trust is an Equal Opportunity Employer EOE/AA/M/F/Disabled/Veteran