At ServisFirst, Our Name is Our Mission.
DUTIES AND RESPONSIBILITIES
The Information Security Officer (ISO) provides the vision and creates the strategies necessary to ensure the confidentiality, integrity, and availability of ServisFirst’s electronic information. The ISO communicates risk to senior administration and ensures compliance with regulatory requirements. The ISO coordinates with other departments for evaluation, procurement and deployment of security-related products and education on information security awareness. Additionally, the ISO ensures the Bank’s system-wide disaster recovery and incident response plans are in place.
The incumbent will:
- Create information security strategies in support of the Bank’s goals.
- Direct an ongoing risk assessment program for new and existing systems within the Bank
- Present recommendations to mitigate risks in cost-benefit terms to senior administration
- Oversee activities related to the development, implementation and maintenance of the Bank’s information security procedures
- Ensure vulnerabilities are managed by directing periodic vulnerability scans of servers connected to the Bank’s networks.
- Maintain a strong knowledge of privacy laws, such as GLBA, SB1386, and SOX
- Develop information security awareness training and education programs to present to Bank employees and Bank customers
- Ensure sufficient resources are allocated to projects and provide periodic budget reports to the Chief Information Officer.
- Proactively prevent potential disaster situations by ensuring proper protections are in place, such as intrusion detection and prevention systems, firewalls and effective physical safeguards
- Evaluate security incidents and determine what response is needed
- Remain competent and current through self-directed professional reading, attending professional development courses, training and conferences, and obtaining certifications relevant to job duties as directed by the supervisor
- Contribute to the overall success of the Bank by performing all other duties and responsibilities as assigned.
Note: Reasonable accommodation may be made to enable otherwise qualified associates/applicants with disabilities to perform the essential functions of the job.
- Bachelor’s degree in Management Information Systems or related degree
- Eight (8) years of varied information technology experience is required, including computer and networking infrastructure, operating systems, application software development, project management, regulatory compliance, risk management and providing training
- Two (2) years of direct experience in information security-related duties is required.
- Experience in a Bank setting is preferred.
- Experience managing multiple concurrent projects with analytical reasoning
- Experience with business continuity planning, auditing, and risk management, as well as contract and vendor negotiation
- Ability to lead teams effectively and train people possessing differing levels of technical knowledge.
- Possess effective verbal and written communication skills and proficiency in writing technical specifications.
- Strong presentation and project documentation skills
PHYSICAL REQUIREMENTS AND ENVIRONMENTAL CONDITIONS
The physical requirements and environmental conditions of this position consist primarily of:
- Sustained standing and sitting
- Frequent use of PC, including typing or sustained attention to monitor
- Occasional presentations requiring public speaking to small groups
- Occasional lifting of basic office files or equipment up to 20 lbs
- Normal office environment with comfortable internal temperatures and low-level noise