Info Security Manager

https://recruiting2.ultipro.com/FIR1026FBHC/JobBoard/871b88b3-5f2a-47fa-8f51-cb062c7f0a20/OpportunityDetail?opportunityId=eaf29ab1-21d4-46b3-8e0b-83e431ce81ca
 

Job Details

Description

 

*Relocation assistance is not provided and this is not a fully remote position. FirstBank does not sponsor work visas.

Salary Range

$135,000.00 – $170,000.00
 

Founded in 1963, FirstBank maintains more than $20 billion in assets and operates over 110 branch locations across Colorado, Arizona and California. Its growth can be attributed to one simple philosophy: do right by customers, communities and employees, which is at the center of the company’s “banking for good” mantra. FirstBank believes that a company is nothing without the people that comprise it, and prides itself in hiring and training a diverse and talented group. By joining the FirstBank team you will experience its great team culture with ample opportunity for growth. There’s an opportunity for everyone with positions all across the company, from Teller and Call Center to Technology and Lending. Apply today to learn more and join the team!

A Brief Overview

The IT Manager of Security is responsible for the oversight and implementation of the security strategy. They will manage employees of the Security team to ensure the highest standards of security controls for the organization. They are responsible for prevention, detection, and response controls for the company.

What you will do

  • Oversee the security controls for the organization.
  • Ensure best practices are followed when implementing new processes or technology.
  • Responsible for defining, developing, and implementing the security architecture for the company.
  • Play a critical role in managing the successful response to a wide range of potential incidents.
  • Coordinate the daily activities and training of Security staff to develop their technical expertise.
  • Assign tasks and projects to Security staff; monitor progress of projects and task assignments to ensure work is being completed by agreed upon time frames.
  • Make decisions as necessary to keep projects on schedule.
  • Monitor industry trends and provide guidance to the company as appropriate.
  • Train other personnel on the company’s security policies and procedures; maintain and update company-wide security training programs.
  • Coordinate with law enforcement to ensure all crimes against FirstBank are properly handled.
  • Perform other duties and projects as assigned.
  • Understand and comply with all provisions of the Safety in the Workplace policy.

Supervises the work of a group of direct reports. Responsible for performance management and evaluations; hiring and staffing, scheduling. Enforces policies and procedures. Directs day-to-day work of employees, through supervision of lead staff or directly. Supervisory responsibilities may be limited to a specific shift or a portion of a function, facility or location. May assist with training and payroll. Coaches and develops staff.

Minimum Requirements

  • Typically requires a bachelor’s degree in related field and a minimum of 5 years of related experience and prior supervisory or management experience.
  • A combination of post-high school education, job related certification, and related experience equivalent to 7 years may be considered in lieu of minimum requirements

Preferred Requirements

  • Bachelor’s degree in Computer Science or other technical field
  • Minimum of six years related work experience
  • Strong background in information security, and associated best practices
  • Hands on knowledge of security technologies and frameworks

Knowledge, Skills, and Abilities

  • Strong organizational skills; ability to balance responsibilities for multiple projects
  • Excellent verbal and written communication skills
  • Good understanding of data communication topologies, protocols, various types of data communications equipment and FirstBank network structure
  • Excellent understanding of the following technologies: VPN, IPSEC, DKIM, SPF, DMARC, DNS, SMTP, Red Team testing methodologies, Penetration Testing, SANS CSC 20 critical controls
  • Excellent understanding of web application technologies and exploits, including OWASP Top 10, Cross Site Scripting (XSS), SQL Injection, Cross Site requireduest Forgery (CSRF)
  • Excellent knowledge of how security is implemented in networking equipment and on various platforms; knowledge should include a thorough understanding of firewalls, packet filtering routers and security mechanisms implemented in various operating systems, databases, and applications
  • Strong understanding of various security technologies, including remote access systems, strong authentication techniques, encryption, and digital certificates
  • Excellent knowledge of various security tools, including syslog analyzers, intrusion detection software, penetration scanning software, and auditing software
  • Strong knowledge of law enforcement practices, and the ability to successfully support and interact with law enforcement during an emergency. Including physical security best practices and their implementation
  • Strong understanding of cloud technologies and how to properly secure them #BI-REMOTE

Working Conditions and Physical Requirements

  • Frequently remains stationary throughout a typical business day
  • Frequently operates a computer and other office machinery, such as a calculator, copy machine, and computer printer
  • Occasionally moves about inside the office to access file cabinets, office machinery, and other rooms
  • Occasionally positions self to access drawers and shelves of various heights
  • Frequently reaches for and handles paperwork and files
  • Constantly communicates with customers, coworkers, and management in-person and on the phone
  • Must be able to exchange accurate information

 

This Job may be eligible for the:

  • Retention Bonus Plan

Statement of Benefits

FirstBank offers a suite of benefits that support our employees’ professional, financial, physical, emotional and spiritual well-being. Benefits currently offered with our positions include: Paid Time Off/paid leave programs, 401K/Employee Stock Ownership, United Healthcare medical, MetLife dental, VSP vision, Employee tuition reimbursement, Volunteer Time Off, Short-Term Disability, Long-Term Disability, and Group Life Insurance/AD&D

FirstBank is an EOE/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, genetic information, disability, veteran status, or any other applicable status protected by state or local law. FirstBank does not permit pay inequities. Anyone who believes they have been subject to pay inequity should immediately report their concerns to the Human Resource Department.


Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)

Vice President of IT Security

Job Title:  VP, IT – Security & Controls

Department: IT

Location:  Broomfield, CO

FLSA Status:  Exempt

 

SUMMARY:

The VP of IT – Security & Controls serves as the senior leader within the security function. The position has the responsibility to build and lead a high performing team to define an enterprise-wide cyber security program and risk strategy by providing full oversight, strategic direction, and technical leadership. Key responsibilities for this role will be operational and strategic and will require collaboration, relationship building and teamwork with leaders across the enterprise. The ideal candidate is an innovative thought leader adept at building consensus within a complex, high growth organization while integrating solutions, people, and processes.

The VP of IT – Security & Controls will report to the SVP of Global IT and will be part of the IT leadership team. The position is based in Broomfield and will be responsible for a team.  

ESSENTIAL DUTIES AND RESPONSIBILITES:

  • Lead and develop a Security team responsible for standards, governance, policies, procedures, compliance
  • Champion and Lead on our Cybersecurity Program
  • Responsible for developing and executing IT Security Program strategic vision and roadmap
  • Ensure compliance and adherence to SOX, PCI and Identity Theft Laws as well as company / industry best practices
  • Build excellent relationships through strong interpersonal skills and educate on “Why” to influence advancement of Security strategy
  • Prioritize and implement security initiatives to protect the business and brand while allowing for speed and flexibility of enterprise objectives
  • Responsible for IT Security Projects while meeting project timelines and staying on budget
  • Oversee, create, and document technology procedures and controls to assure compliance with applicable regulatory and legal requirements
  • Provide security oversite of 3rd parties and contractors with regards to accessing enterprise systems and services
  • Advance formal risk analysis and assessment programs for all new and existing IT system
  • Manage IT Security vendors, contractors, consultants, and external teams and hold them accountable to performance expectations and service level agreements including 3rd party vendors for testing programs.
  • Accountable to proactively monitor for intrusion attempts and all other security threats and implement practices to safeguard the enterprises data and technology assets
  • Key stakeholder for security breaches and incidents associated with all systems and services
  • Oversee and maintain incident response plan, security training and awareness strategy
  • Collaborate with Internal Audit, General Counsel and Risk Management to remediate new and outstanding issues
  • Work with business leaders and staff on data classification, security requirements and exposure mitigation steps
  • Maintain a framework that allows for flexible adherence to regulatory requirements as it applies to platform technologies
  • Develop and maintain a risk matrix of potential threats to the enterprises existing platform and data.
  • Promote and advocate enterprise-wide security awareness programs
  • Maintain expertise on security trends through training, research, and development to mitigate potential security exposures
  • Participate in gathering information to support legal or HR investigations
  • Provide Security updates to Executive Team on an as needed basis.

JOB REQUIREMENTS

Minimum Qualifications:

  • Education: Bachelor’s degree in Computer Science or related filed is required. Professional experience, beyond requirement, in a related field may substitute for a Bachelor’s degree requirement on a year for year basis.
  • Experience:  Fifteen (15) years of experience leading an information security team in a global company including working experience in retail is required.  

Knowledge, Skills, and Abilities:

  • Demonstrated positive business impact through the use of technology
  • Experience ranging from Strategic Planning to driving daily operations
  • Ability to influence at all levels of the organization
  • Excellent verbal and written communication skills.
  • Demonstrated strong leadership skills and high emotional intelligence
  • Experience with multiple labor models (shared services/onshore/offshore).
  • Solid experience with:
    • Large project management
    • Budget development and management
    • Team development and retention
    • Vendor Assessment and Management

Crocs is an Equal Opportunity Employer committed to a diverse and inclusive work environment.?

Title: Vice President of IT Security and Controls 

Job Level: C- VP

Salary Range: $255,000 – $295,000 base + bonus and stock 

Workplace Persona: Collaborator (hybrid work schedule; in office 60-80%)

This position is eligible to participate in a company incentive program.

This position is eligible for company benefits including but not limited to medical, dental, and vision coverage, life and AD&D, short and long-term disability coverage, paid time off, employee assistance, bonus, participation in a 401k program that includes company match, and many other additional voluntary benefits.