This job has expired, please see additional jobs below
Information Security Specialist
Eastern Bank
Lynn, MA, United States
Job Details - this job has expired, please see similar jobs below
Description
This position is responsible for developing and collaborating across divisions to implement Eastern Bank’s Information Security program. The primary goal of the program is to protect the confidentiality, integrity and availability of information resources while aligning to business goals and objectives.
Responsibilities:
• Maintain Information Security policies and procedures, ensuring adherence by engaging cross-functional organizational stakeholders in periodic policy review and changes.
• Monitor external threat landscape for changes and ensure that security practices and programs adequately address changing dynamics.
• Conduct periodic user access reviews to ensure effectiveness of identity and access management program and practices.
• Assist in the delivery of a Bank wide information security education and awareness program, ensuring that broad-based enterprise awareness objectives are met.
• Responsible for interfacing on a regular basis with technology departments to provide security architecture recommendations for improving configuration standards.
• Provide information security subject matter expertise in bank technology project meetings.
• Lead security risk assessments of Bank and third-party technology platforms and document findings/risks.
• Document and manage life cycle of critical cyber incidents.
• Provide oversight of the Bank’s vulnerability management program.
Requirements:
• Excellent communication skills, including ability to present to senior leadership and get buy-in from internal stakeholders.
• Experience in performing risk and technology assessments.
• Effective written and oral communication skills.
• Experience in the oversight and execution of a continuous monitoring and improvement program including security control assessments.
• Strong technical, organizational and administrative skills.
• Makes recommendations to manager on decisions of complex, multifaceted nature.
• Independently drives and coordinates solutions to complex matters
Qualifications
Education and Experience:
• 3-5 years experience in delivering or managing information security services, policies, standards, and programs.
• BS in Management Information Systems, Computer Information Systems, Information Technology, Information Assurance, or Information Security or equivalent combination of training and experience
Skills/Knowledge:
• Security-related professional designation preferred: CISSP, CISM, CISA certifications
• Deep understanding of information security threats, risks, processes, and controls
• Proficiency with current and emerging technology architectures including: Windows, Linux, Networking, public cloud architecture, virtualization, security technologies, etc.
• Proficiency with application development and testing
• Basic understanding of security frameworks, such as CIS CSCs, NIST CSF, and ISO 27001
• Identifying key risks and controls, recommend improved controls, perform controls readiness projects and identify and assess configuration of controls in IT infrastructure (security, change management, operations, and program development)