Information Security Officer

Montecito Bank & Trust
Goleta, CA Full Time
POSTED ON 3/13/2024
Are you a talented professional who excels at personalized service, enjoys getting involved in your communities, and has a desire to work for an award-winning Best Bank

Montecito Bank & Trust is seeking a full-time Information Security Officer (ISO) to join the team in our Risk & Compliance Department. The ISO will deliver a World Class Experience by being involved in the planning, implementation, and maintenance of the information security program at Montecito Bank & Trust. The ISO will work closely with the Bank’s Technology and Risk professionals as well as stakeholders in other business units who rely on information and information systems for bank operations. The ISO will be responsible for the ongoing risk assessment, evaluation of appropriate security controls, development and monitoring of policies and standards, security awareness and consultation, security assessments of service provider arrangements, information security incident response plan maintenance, and security reporting process. The ISO is responsible for participating in the management of business continuity and disaster recovery plans intended to keep the Bank functioning after significant disruptive events.


Minimum Requirements, Activities, & Responsibilities

Education and Experience: 

  • Bachelor’s degree in information security or comparable field OR any combination of experience, education, or training required.
  • 5-8 years or more of experience in information security or a security related position, of which, a minimum of two years in a supervisory role; knowledge of financial institution operations, policies and procedures and pertinent codes required.
  • Experience designing policies and procedures for a risk management discipline such as information security, business continuity planning, quality assurance, or contract and vendor management required.
  • Certifications preferred: Certified Information Systems Security Professional (CISSP), Certified Chief Information Security Officer (CCISO), Certified Information Security Manager (CISM), and/or Certified Ethical Hacker (CEH).

Essential Functions:

  • Develop and maintain information security risk assessments designed to evaluate inherent risks, threats, controls, and residual risks to confidential information and information systems. 
  • Assess the quality of cyber and information security controls, including physical controls that ensure both physical and environmental security, and make recommendations to Management for enhancements to address residual risks identified.
  • Perform security monitoring, prevention, and risk mitigation to ensure intrusion detection/prevention systems and antivirus protection are current and firewall rules are configured properly and reviewed. Monitor system alerts to identify, prevent, and contain cyber-attacks. Conduct phishing exercises and oversee penetration testing, vulnerability scans, and social engineering testing.
  • Prepare reports to management, Risk Committee, and the Board of Directors that address the results of various risk processes and testing.
  • Oversee and support security awareness activities for Bank associates and customers to include training, job aids, and client-facing tools.
  • Assist with preparation for regulatory examinations and audits. Respond to examiner and auditor questions during examinations and audits.  
  • Ensure that appropriate security controls and risks are considered during vendor selection and internal development efforts.
  • Monitor regulations and technology trends that affect financial institutions. Evaluate Bank readiness and develop project plans for compliance with regard to information security.
  • Establish and maintain successful external relationships with security technology and service providers, industry experts, local and federal law enforcement, industry consortiums, and regulatory agencies. 
  • Work closely with Technology professionals responsible for user security and access controls to review privileged levels of access and changes to the technology environment for risk.
  • Validate business continuity and disaster recovery plans by participating in mock disaster or tabletop exercises and coordinate with business unit leaders to update business continuity and disaster recovery plans to address information security threats. 
  • Other duties as assigned.

Skills and Capabilities:

  • Superior writing skills.
  • Proven ability to design technology solutions to address business process issues, which are both database-driven and network-delivered.
  • Ability to make independent decisions within authority and assigned responsibilities.
  • Ability to define problems, collect data, establish facts, and draw conclusions.
  • Ability to interpret an extensive variety of technical documents and deal with several abstract and concrete variables.
  • Analytical and critical thinking skills.
  • Attention to thoroughness, accuracy, and detail.
  • Strong knowledge of standard computer applications including MS Word, Excel, and Outlook.
  • Strong organizational, problem-solving, and time management skills.
  • Ability to lead by example in a team setting and work independently while performing duties.
  • Must be able to perform this position safely, without endangering the health or safety of himself or herself or others.
  • Must be capable of regular, reliable, and timely attendance.
  • Must be able to effectively handle multiple, simultaneous, and changing priorities.
  • Must be able to demonstrate highest levels of customer service and confidentiality with internal and external customers.

Interested in applying? Visit our website at www.montecito.bank/careers 

Review opening using the “Apply Now” tab on our Careers web page 

Once you've selected the desired position, click “Apply” on the top right-hand corner of the web page

Create a personal log-in to submit your expression of interest

A member of our Human Resources department will reach out to you to let you know whether or not you have been selected to move forward in the interview process

Equal Opportunity Employer/Disabled/Veteran

** The typical hiring range based on qualifications and pay equity is $140,577.49-$169,370.47

Salary.com Estimation for Information Security Officer in Goleta, CA
$122,592 to $157,331