Website Central Pacific Bank
Where People Like Banking
Responsible for developing and maintaining information security risk management processes that are clear and understandable, workable, up-to-date, and reflect regulatory and CPB-specific requirements and issues. Keep up with current laws, regulations and compliance issues which affect all phases of information security. Work closely with Legal/Compliance and proactively involve other departments that have a stake in the development of specific information security risk management processes. Assist in communicating such processes throughout the system, including holding training sessions where appropriate. Assist with the planning, coordinating, implementation, and management of security measures that manage risks to computer systems and data, to prevent unauthorized modification, destruction, or disclosure of information, including outsider service providers. Analyze and appraise new products and/or systems for security weaknesses and provide measures to prevent exposure and loss.
- Develops and updates information security risk management processes. Uses research, analysis, and sound judgment and tailors unique information security practices to fit particular bank needs. Performs risk analyses pertaining to the security needs of the bank and prepares recommendations based on risk/exposure versus cost. Prepares and presents research findings in written and/or oral form. Presents objectives, alternatives, risk analyses, and cost/benefit analyses.
- Assists the Information Security Manager with the planning and directing of information security activities of the bank to ensure compliance with internal/external audits, and to federal and State regulations, which include FDIC, relevant sections of the Gramm-Leach-Bliley Act (GLBA), and Sarbanes-Oxley Act Section 404 provisions.
- Maintains an outward-facing and forward-looking view to provide solutions to ensure that the bank’s Information Security Program is current and relevant. Keeps up with new regulations with assistance from Legal/Compliance, gathers concerns from the Information Security Manager, and other managers, and periodically assesses existing risk management processes to determine what needs to be changed and makes corresponding changes.
- Designs, implements, and manages Information Security data identification, aggregation, analytics, and validation to meet department goals.
- H.S. Diploma required.
- Bachelor’s Degree from an accredited 4-year university in the field of Audit, MIS, or Computer Science is preferred.
- CISSP or CISA certification.
- 6+ of previous experience and working knowledge in information security, audit, controls, and regulations & privacy laws pertaining to release of information, and security & access control technologies.
- 2+ years of previous data processing or analytics and related technical experience
- Multi-tasking individual with strong project management and communication skills.
- Excellent written and verbal skills.
- Advanced ability in the use of the PC and MS Office.
We are proud to be an EEO/AA employer M/F/D/V. We maintain a drug-free workplace and perform pre-employment substance abuse testing.
To apply for this job please visit workforcenow.adp.com.