I am...

Position Overview

The goal of The Information Security Officer is to ensure that each functional area of the Bank achieves and maintains an adequate level of compliance with all applicable laws, rules and regulations, in order to protect the interests of the Bank and prevent fines, penalties or other regulatory sanctions, as well as reduce exposure to risk and potential litigation. This includes ensuring the Bank has industry standard controls to protect the confidentiality, integrity and availability of information owned, controlled or processed by the Bank.

• Develop, implement, and maintain the bank’s information security program in alignment with industry standards and regulatory requirements (e.g., GLBA, FFIEC, NIST, ISO 27001).

• Annual director and staff InfoSec training.

• Annual policy review/update.

• Annual user access reviews.

• Oversight of the incident response program.

• Liaise between the IT Team and Compliance, Audit, Legal and HR management.

• Work directly with the business units to facilitate IT risk analysis and risk management.

• Process, identify acceptable levels of risk, and establish roles and responsibilities with regard to information classification and protection.

• Participate in IT-related management committees in an advisory and leadership role.

• Oversight/tracking of audit/regulatory findings/corrective actions related to InfoSec.

• Administration of quarterly penetration testing, i.e. oversight of the vendor; follow-up.

• Administration of the quarterly phishing test program.

• Perform daily, weekly, monthly reviews of user activity.

• Produce periodic reports to the Board and senior level committees on the current state of the Information Security program.

• Assist in the development and execution of comprehensive Bank-wide risk management and compliance programs.

• Develop and maintain written risk management and compliance policies and procedures.

• Maintain a current awareness of the regulatory environment and a working knowledge of state and federal laws and regulations.

• Assist or partner with third-party or internal audits/reviews of the adequacy and effectiveness of the Bank’s internal controls and operating procedures with respect to applicable laws and regulations and adherence to the Bank’s risk management and compliance policies.

• Analyze and evaluate audit findings, and, if appropriate, assist in initiating changes in the Bank’s policies, procedures, and control systems for compliance and risk management.

• Lead investigations of security incidents and breaches, providing recommendations for corrective actions and reporting findings to senior management.

• Research Information Security issues and questions and provide interpretations of clarifications to employees or auditors.

• Participate in the development of new products and services to ensure proper controls for the confidentiality, integrity and availability of data and systems.

• Set priorities while working independently on multiple concurrent projects without direct supervision.

• Continuously assess and enhance the bank’s security program to address evolving cyber threats and changes in regulatory requirements.

• Work in a cross-functional team environment and interact with senior risk management staff, line of business management, Internal Audit, Legal, Compliance personnel, and all levels of Bank staff.

• Demonstrate a willingness to be a contributing and engaged member of the team by sharing knowledge, working towards common goals and maintaining a positive attitude.

• Acts as a cultural ambassador to internal and external clients, providing a professional, exceptional, and supportive experience with each interaction.

Minimum Qualifications

• 8 years of financial services experience

• 8 years of information security, IT/IS auditing, IT/IS risk management and/or IT/IS bank management experience

• 4- year Undergraduate Degree (e.g., BS or BA) or equivalent combination of education and experience

• Knowledge of banking laws or regulations, constructing bank policies, generally accepted operating procedures, and internal controls.

• Advanced communication skills, with the ability to communicate effectively at all levels of the Bank.

• Strong analytical and planning skills, critical-perceptive judgement, and creativity in identifying and solving complex issues.

• Proficient in Microsoft Office suite.

Preferred Qualifications

• CISSP, CISM, CompTIA Security+, or other security/technical certifications.

• Self-motivated with action and results delivery orientation; demonstrated initiative and accountability by willingness to assume additional duties other than assigned.

• Consult, facilitate and build relationships in order to foster partnership, collaboration & teamwork across all levels of the organization.

• Works independently and with others to identify issues and develop solutions.

• Demonstrates strong interpersonal and written/ verbal communication (listening, confidence, professionalism, persuasion) with individuals across all levels of the organization.

• Resourceful and flexible with regard to shifting priorities, new demands and challenge.

Our Way

Preserve and enhance our culture in which the values of honesty, integrity, confidentiality, trust and respect are the underlying principles by which we work

Make a meaningful difference in our community through our service and financial support

Maintain a safe and sound institution that operates in conformity with the spirit as well as the letter of all applicable laws, rules and regulations, and to maintain open and forthright communication with our regulators

Benefits

You will have the opportunity to participate, subject to the terms and conditions of the respective plans, in a comprehensive package of benefits. As a highlight:

• Eligibility for health, dental, vision, life and disability insurance coverages

• Retirement Plan - 401k with matching

• ESOP- Employee Stock Ownership Plan

• Time away from work – vacation time, sick time and holidays

• Paid parental leave

• Tuition Assistance

• Professional development opportunities

THE BANK OF TAMPA IS AN EQUAL OPPORTUNITY EMPLOYER

A DRUG FREE WORKPLACE

E-VERIFY EMPLOYER

Company Description

A best-in-class city that attracts best-in-class talent, Philadelphia is an incredible place to build a career. From our thriving arts scene and rich history to our culture of passion and grit, there are countless reasons to love living and working here. With a workforce of over 30,000 people, and more than 1,000 different job categories, the City of Philadelphia offers boundless opportunities to make an impact.

As an employer, the City of Philadelphia values inclusion, integrity, innovation, empowerment, and hard work above all else. We offer a vibrant work environment, comprehensive health care and benefits, and the experience you need to grow and excel. If you’re interested in working with a passionate team of people who care about the future of Philadelphia, start here.

What we offer

• Impact - The work you do here matters to millions.
• Growth - Philadelphia is growing, why not grow with it?
• Diversity & Inclusion - Find a career in a place where everyone belongs.
• Benefits - We care about your well-being.

Agency Description

The Office of Innovation & Technology (OIT) is the central IT agency for the City of Philadelphia headed by the Chief Information Officer (CIO). OIT oversees all major information and communications technology initiatives for the City of Philadelphia - increasing the effectiveness of the information technology infrastructure, where the services provided are advanced, optimized, and responsive to the needs of the City of Philadelphia’s businesses, residents, and visitors. OIT responsibilities include: identifying the most effective approach for implementing new information technology directions throughout city government; improving the value of the city’s technology assets and the return on the city’s technology investments; ensuring data security continuity; planning for continuing operations in the event of disruption of information technology or communications services; and supporting accountable, efficient and effective government across every city department, board, commission and agency.

In partnership with the Office of the Chief Administrative Officer (CAO) and the Office of the Director of Finance, the Office of Innovation and Technology (OIT) is undertaking a major Citywide project to modernize core financial, grants, procurement, and supply chain business processes. This project (Optimize Procurement and Accounting Logistics Enterprise Resource Planning and Data Warehouse/Business Intelligence Tool, or “OPAL ERP and DW/BI project”) will replace the existing General Ledger and Procurement systems (i.e. FAMIS, ADPICS, ACIS, PHLContracts, etc.) that support these business processes and will enable the City to realize benefits such as reducing transaction processing time and effort, providing better access to information for reporting and analysis, and making it easier to onboard new employees into these functions.

• Gather and document security and access control requirements.
• Meet with functional areas to understand desired controls, segregation of duties and data access requirements.
• Document role-based security profiles for each functional area including require functions and data access for each role.
• Participate in discovery activities with the ERP vendor(s) and share documented requirements.
• Work with functional areas to refine requirements as needed based on future ERP system capabilities and vendor recommendations.
• Learn ERP system functionality including security and access control capabilities.
• Participate in training sessions.
• Review and understand system documentation.
• Configure and deploy security and access controls.
• Participate in development activities when required by ERP vendor(s)
• Validate decisions made by ERP vendor(s) match requirements.
• Document configurations to facilitate future support of access controls and security.
• Participate in other required activities to meet delivery schedule.
• Execute and document unit test cases.
• Develop test cases based on required controls, segregation of duties and data access.
• Validate test cases with functional areas.
• Perform and document testing activities and share results with ERP vendor(s).
• Provide weekly tasks reports to development leads.
• Update and maintain access profiles as needed for any changes in application.
• Prepare for software updates and identify required testing scenarios.
• Review system enhancements and documentation as they are released by the vendor(s).
• Participate in regression testing efforts.
• Monitor system security and access controls.

Required Qualifications

• Completion of a Bachelor's or Master’s degree in information systems, computer engineering, or a related field or equivalent experience.
• 2 – 5 years of experience with ERP systems (Workday), workflows and system security.

Preferred Qualifications

• Experience with implementing ERP and/or DW/BI solutions strongly preferred.

TO APPLY: Interested candidates must submit a cover letter, writing sample, references and resume.

Salary: $90,000

Did you know?

• We are a Public Service Loan Forgiveness Program qualified employer
• 25% tuition discount program for City employees (and sometimes spouses and dependents as well) in partnership with area colleges and universities
• We offer Comprehensive health coverage for employees and their eligible dependents
• Our wellness program offers eligibility into the discounted medical plan
• Employees receive paid vacation, sick leave, and holidays
• Generous retirement savings options are available

The successful candidate must be a city of Philadelphia resident within six months of hire

Effective May 22, 2023, vaccinations are no longer required for new employees that work in non-medical, non-emergency or patient facing positions with the City of Philadelphia. As a result, only employees in positions providing services that are patient-facing medical care (ex: Nurses, doctors, emergency medical personnel), must be fully vaccinated.

The City of Philadelphia is an Equal Opportunity employer and does not permit discrimination based on race, ethnicity, color, sex, sexual orientation, gender identity, religion, national origin, ancestry, age, disability, marital status, source of income, familial status, genetic information or domestic or sexual violence victim status. If you believe you were discriminated against, call the Philadelphia Commission on Human Relations at 215-686-4670 or send an email to [email protected].

For more information, go to: Human Relations Website: http://www.phila.gov/humanrelations/Pages/default.aspx

What’s so interesting about this role?

As we enter our second year as a public company, Grindr is building on the success we’ve had over our 15-year history in connecting, supporting, and improving the lives of the LGBTQ+ community globally.

As the Director of Cybersecurity at Grindr, your primary focus would be to safeguard the platform's integrity, user data, and privacy while fostering a secure environment for the LGBTQ+ community. Grindr, as a leading social platform for millions of users worldwide, has a unique responsibility to protect its user base from potential threats, given the sensitive nature of the data exchanged on the platform. A successful candidate will bring a strong background in cybersecurity strategy, risk management, and privacy advocacy, ensuring that Grindr remains not only a safe space but also a leader in digital safety for its community.

About Grindr

Grindr is building the global gayborhood in your pocket. With more than 13.5 million monthly active users, Grindr has become a fundamental part of the LGBTQ+ community and is charting a path to make the world more free, equal, and just. Since 2015, Grindr for Equality has advanced safety, health, and human rights for millions of Grindr users and the global LGBTQ+ community in partnership with more than 100 community organizations in every region of the world.

Our next evolution is underway as a public company that continues to grow and build meaningful experiences for our users. From social issues to product innovations, we're setting audacious goals for our community and the business, and leveraging the latest tech stacks and a culture of engineering excellence to make it happen. At the heart of our work in this new chapter is a shared set of operating principles centered around cultivating curiosity, thinking big, setting and expediting our ambitious goals, and growing through iteration; all while keeping our users #1.

Grindr is headquartered in West Hollywood, California, with offices in the Bay Area, Chicago, and New York.With a track record of strong financial performance and plans for continued headcount growth, we’re building a team of talented, passionate, and open-minded people who want to disrupt the dating app space, innovate products, and advance LGBTQ+ culture. Come be a part of this exciting journey with us.

• Implementing and maintaining a cybersecurity program that aligns with business objectives as well as industry-leading frameworks and best practices.
• Leading a team focused on maintaining a risk management program for the company that covers cybersecurity and other critical operations of the business.
• Designing, implementing, and maintaining a robust vulnerability and patch management program that covers all company data assets.
• Ensure that emerging threats are understood and assessed for potential impact and loss of function to our business operations.
• Maintain compliance with multiple regulations and frameworks such as SOX and NIST-Cybersecurity framework, specifically.
• Lead efficient and proactive communications with stakeholders to ensure clarity and alignment on cybersecurity efforts and priorities.
• Collaborate with external auditors and stakeholders to ensure alignment with large compliance efforts.
• Managing an enterprise budget for cybersecurity tools and resources including forecasting and planning.
• You will help to foster diverse thoughts and ideas among your team. Becoming a key part of Grindr’s engineering culture of diversity.

What We'll Love About You

• You have at least 7+ years of experience in leading or managing a program + teams of engineers and enjoy a player-coach role. You can coach and mentor other engineers on best engineering practices as well as their careers!
• Demonstrated knowledge of security technologies, threat analysis, incident response, and security architecture.
• In-depth knowledge of relevant regulations, including Sarbanes-Oxley (SOX), HIPAA, PCI-DSS, and GDPR.
• Strong understanding of business operations and risk management principles.
• Ability to work with product partners to build user-facing safety features, enhance safety protocols, and develop automated tools that address Trust & Safety needs.
• Demonstrates ability to identify safety gaps in new products and define scalable solutions that protect users.
• Strong understanding of cloud platforms, AWS & GCP preferred.
• Deep knowledge of modern deployment pipelines and experience with implementing security controls into the SDLC, GitHub Actions, and Terraform modules are preferred.
• You have been working closely with various levels of business stakeholders, from the C-Suite, VP level, and down, and understand value alignment.
• You have excellent communication, presentation, and documentation skills with the ability to define and communicate the \“big picture\” to key stakeholders at various levels.
• You enjoy working in an in-office environment and collaborating face-to-face with engineers at least 2 days per week.

We'll Really Swoon If You Have

• Experience working within the social networking or dating industry would be a plus.
• Knowledge of Terraform, Helm, Ansible, Chef, Cloudformation, and/or other configuration management tools.
• Experience leading employees through security training and awareness.

This is a hybrid role based in our Chicago or San Francisco offices and will require you to be in the office on Tuesdays and Thursdays.

What you'll love about us

• Mission and Impact: Grindr is building the global gayborhood in your pocket. Your role will impact the lives of millions of LGBTQ+ people around the world. Through our success, we are making a world where the lives of our community are free, equal, and just.
• Family Insurance: Insurance premium coverage for health, dental, and vision for you and partial coverage for your dependents.
• Retirement Savings: Generous 401K plan with 6% match and immediate vest in the U.S.
• Compensation: Industry-competitive compensation and eligibility for company bonus and equity programs.
• Queer-Inclusive Benefits: Industry-leading gender-affirming offerings with up to 90% cost coverage, access to Included Health, monthly stipends for HRT, and more.
• Additional Benefits: Flexible vacation policy, monthly stipends for cell phone, internet, wellness, food, and commuting, breakfast/lunch provided onsite, and yearly travel & leisure stipend.

Grindr is an equal-opportunity employer

To learn more about how we handle the personal data of applicants, visit our Employee and Candidate Privacy Policy.

#LI-Hybrid

Grindr is committed to fair and equitable compensation practices. This base pay range is for the U.S. and is not applicable to locations outside of the U.S. The actual base pay is dependent upon many factors, such as training, transferable skills, work experience, business needs, location, and market demands. The base pay range is subject to change and may be modified in the future. This role will also be eligible for equity, benefits, and a company bonus program.

Chicago Base Pay Range

$218,500 — $257,000 USD

Bay Area Base Pay Range

$249,000 — $293,000 USD