• Developing, implementing, and monitoring of the organization's Information Security and Third Party Risk Management Programs.
• Ensuring the Bank's information security practices follow state/federal laws and regulations, as well as industry best practices.
• Working with management to understand the flows of information, the risks to that information, and the best ways to protect the information.
• Overseeing outsourced penetration testing to identify flaws, collaborating with Management and IT to improve security.
• Responsible for the oversight of identified vulnerabilities and working with the IT Department to resolve them, ensuring that our network and data remain secure.
• Performing risk assessments, analyzing business impacts, and providing education to employees and the Board of Directors as needed or when appropriate.
• Manage security training modules, ensuring all employees complete assigned trainings and monitor phishing testing and alerts from our security education vendor.
• Review messages held by the Proofpoint system for sensitive data and follow up as needed.
• Updating Information Security Program and Information Security Risk Assessment for review/approval by the Board Technology Committee.
• Assist IT Manager with review/update of the Wide Area Network (WAN) Services Policy and Computer and Cyber Security Incident Response Plan.
• Track IT’s internal monitoring procedures to ensure they are updated at least annually.
• Review vendor SOC Assessments for the Bank’s third parties.
• Review and work with Compliance on GLBA, Red Flags, and IT Controls risk assessments for updates and ensure assessments are completed, ensure residual risks match Bank’s ERM Analysis.
• Present pertinent information security items to the quarterly Board Technology Committee, including reports on Admin passwords and patch management.
• Present ISO/Red Flags Report, which summarizes the key items in the Bank’s information security program, to the Audit Committee annually.
• Work with IT to complete the Cyber Security Self-Assessment Tool annually.
• Maintain the original contract files and ensure records and files are all uploaded accurately in the System.
• Onboard new vendors into the System.
• Review Risk Assessments, complete Due Diligence and Questionnaires.
• Upload contracts into the System.
• Oversight management of policy settings within the System.
• Manage the review and updates of the Bank’s Third-Party Risk Management Policy and Program.
• Monitor vendor Service Level Agreements.
• Information Security Privacy includes SOC & Cybersecurity assessments.
• Setup Workflows to communicate with Department and Branch Managers.
• Review alerts and pull management reports from the System.
• Promote and train on the TPRM Program with Department Managers, Branch Managers, Executive Team and Board of Directors.
• Provide support in regulatory audits & examinations.
• Review auditor and examiner findings to draft responses with proposed timelines.
• Maintain the safety, integrity, and confidentiality of customer and Bank information.
• Help maintain a safe and secure work environment.
• Build, develop, and maintain partnerships with teammates and other departments to maximize effectiveness.
• Regular and reliable attendance.
• Comply with all applicable policies and procedures as well as governing laws and regulations.
• Other duties as assigned.

Required Qualifications

• Bachelor's Degree in Computer Science, Management Information Systems, Cybersecurity; or CISSP, CISA, CISM, CISO or similar certification; or at least 3 years equivalent applicable experience in an information security role (Required)

Preferred Qualifications

• Third Party Risk Management experience; CTPRP or similar certification preferred
• Project Management background or skills
• Strong knowledge of banking policies, procedures, and bank products/services
• Experience working in a highly regulated and policy driven work environment
• Experience operating Windows based PC with Microsoft Applications including Word, Excel, and Outlook.
• Experience with general office equipment such as copier, scanner, fax, 10-key, filing systems.
• Proficient knowledge of basic addition and subtraction.

Attributes:

• Ability to build and maintain relationships with branch team members and vendors
• Excellent customer service skills
• Dedication to organization’s goals, objectives, cultural values, mission, and vision
• Enjoy working in a diverse team environment
• Works well with individuals and groups at all organizational levels
• Strong leadership, interpersonal, and written and verbal communication skills
• Adaptable to change, self-motivated to create opportunities for learning
• Applies strong critical thinking and problem-solving skills
• Ability to communicate effectively in writing and verbally
• Ability to prioritize tasks using strong time-management
• Ability to work accurately with close attention to detail
• Exhibit a professional, business-like appearance and demeanor

Benefits

Citizens Bank offers competitive compensation and outstanding benefits:

• Medical, Dental, and Vision Insurance
• 401(k) with Employer Matching
• Employee Assistance and Wellness Program
• Life, Short-term and Long-term Disability
• Up to 11 Paid Holidays
• Health and Dependent Care Reimbursement Accounts
• Paid Time Off; Paid Family Leave
• Banking Privileges

Working Conditions

• Climate controlled office environment.
• May be exposed to outside climate conditions and/or required to wear protective devices during site visits.
• Work involves being able to concentrate on the matter at hand, under sometimes distracting work conditions.
• Frequent employee and customer contacts and interruptions during the day.
• Work requires willingness to work flexible schedule which may require evening work.

Physical Requirements

• Work may involve the constant use of computer screens, reading of reports, and sitting throughout the day.
• Ability to operate a computer keyboard, multi-line telephone, photocopier, scanner, facsimile, which requires dexterity of hands and fingers.
• Typically sitting at a desk; intermittently standing, stooping, bending.
• Occasional lifting 10 - 20 lbs. (files, boxes).

Disclaimer

Citizens Bank is an Equal Opportunity and Affirmative Action employer and is committed to employing a diverse workforce. Qualified applicants will receive consideration without regard to race, color, religion, sex, pregnancy, national origin, age, sexual orientation, gender identity, military or veteran status, or disability. All offers are contingent upon the candidate successfully passing a credit check, criminal background check, and pre-employment drug screening, which includes screening for marijuana. Citizens Bank is a federally regulated banking institution. At the federal level, marijuana is an illegal Schedule I drug; therefore, we will not employ any person who tests positive for marijuana, regardless of state legalization.