POSITION SUMMARY
The Information Security Program Manager (PM) is responsible for managing all aspects of the Information Security Program including the Bank’s Security Awareness Program. You will drive continuous process improvement and collaborate effectively with cross-functional teams and departments to tackle to challenges and implement new solutions for driving adoption of security solutions across the Bank. This position requires both technical and creative skills and reports to the Chief Information Security Officer.
The Information Security Program Manager will have 7-10 years of professional experience, including previous experience in Cybersecurity and program/project management, and will drive the day-to-day coordination and execution of the Bank’s Information Security program. You will develop and maintain effective project management processes, workflows, and documentation in alignment with internal Bank project management procedures and to protect the integrity of our regulatory and compliance requirements. The InfoSec Program Manager will also manage and maintain the development and delivery of the Information Security awareness training and testing throughout the Bank.
You will be responsible for all aspects of the Bank’s Information Security Program including the development and maintenance of security policies, department policies and procedures, building key metrics reporting and monitoring, and defining and managing all program projects and tasks. You will also build out strategic workflows, project roadmaps, and build modules to streamline daily duties and initiatives for the program.
You will be responsible for bringing teams together to deliver on security project and initiatives, driving the execution of multiple tracks of work to achieve program goals, managing dependencies and risks, and regular communication of status to stakeholders. You will oversee and execute the Bank’s Security Awareness program which includes monthly newsletter creation, multiple annual awareness campaigns, and collaborating with Marketing to develop a plan to enhance and expand training material.
ESSENTIAL FUNCTIONS AND BASIC DUTIES
- Maintain and coordinate the Information Security Project Portfolio and routine InfoSec activities in accordance with the mission and goals of the Bank’s security master plan.
- Collaboration with the Chief Information Security Officer and other executives and leaders on implementing an evaluation method to assess program strengths and identify areas for improvement.
- Build metric reports and presentation for the Chief Information Security Officer to present during each of the quarterly Executive Committee meetings.
- Participate in the Bank’s change management program.
- Providing accountability on a team with a diverse array of talents and responsibilities.
- Support writing SOP and SLA documents where required.
- Ensuring department goals are tracked in areas including compliance, employee training and awareness, threat detection and response, data privacy security and third-party vendor evaluation.
- Engage with the broader team on developing content to train and test employees on good working habits as it relates to information security.
- Develop and enforce best practices to improve effectiveness of project meetings, including agendas, collecting participants' prep material, and clear objectives.
- Facilitates and reinforces a positive working environment conducive to productive communication, collaboration and continuous learning.
- Seeks to understand and communicate organizational goals to optimize team and project priorities.
- Implementing and reporting changes and interventions to ensure project goals are achieved.
- Meeting with stakeholders to make communication easy and transparent regarding project issues and decisions on adjustments.
- Producing regular communications reporting on program status to the enterprise and internal stakeholders.
- Working on information security awareness communication and promotion strategy with the marketing team.
OTHER RELATED FUNCTIONS:
- Knowledge and experience working in the full Microsoft Suite (i.e. Office, Power Platform, etc.).
- Create content and design for Security Awareness newsletters distributed monthly and quarterly.
- Maintain up-to-date knowledge of security related products & services as well as Bank procedures and regulations as they pertain to security.
- Provide second-line analytic reports by collecting, analyzing, and summarizing data and trends.
- Work effectively with other associates by practicing punctuality, respect for deadlines, collaborative problem solving, and honest communication.
QUALIFICATIONS
Education/Certification:
Bachelor’s degree in computer science, information assurance, MIS or related field, or equivalent work experience. Professional certifications including CISSP / CISM / CRISC / SANS a plus
Required Knowledge:
▪ Thorough knowledge of Bank products and services.
▪ Understanding of related computer applications.
▪ Knowledge or experience working with common Cybersecurity Frameworks including the NIST CSF
▪ Core understanding of fundamental project management principles and Methodologies
Experience Required:
▪ 7-10 years of professional experience and in related fields.
▪ 1-3 years of experience in an information security related role.
▪ 1-3 years of experience in Program/Project management role.
Skills/Abilities:
▪ Proven experience in program development and management.
▪ Proven stakeholder management skills.
▪ Proven experience facilitating and leading teams in projects.
▪ Competency in business document management and creation platforms
▪ Excellent verbal and written communication skills, including ability to translate Information Security terminology and concepts for easy consumption by cross functional stakeholders
▪ Exceptional organizational and time-management skills
▪ Understands service design and delivery concepts.
▪ Leverages subject matter expertise in security and compliance
▪ Possesses a high level of integrity, trustworthiness and confidence, andrepresents the organization with a high level of professionalism.