Director of Information Security
Responsible for developing, implementing, administering, training and maintaining all aspects of the Information Security Program and related IT risk management programs. Provide risk-based thought leadership and support to the Board of Directors, Senior Management and EagleBank personnel on security direction and resource investments and appropriate policies to manage information security and cybersecurity risks.
- Ensures risk assessments are conducted that evaluate information and cybersecurity risk and the design and operating effectiveness of controls/mitigants in compliance with regulatory guidance, laws and regulations..
- Monitor/test information and cybersecurity controls/metrics/information to provide assurance of adherence to policies, procedures, standards and guidelines and identify emerging risks.
- Provide guidance and expertise to bank departments relating to information and data protection, including participation on new bank initiatives/projects, third party/vendor assessment, disaster recovery and business continuity planning.
- Investigate, coordinate and respond to information security breaches/incidents, industry alerts, industry surveys and coordination and/or participation in information security-related exercises. Identify, analyze and implement, if necessary, required changes to the Bank’s policies, procedures, standards and guidelines.
- Administer an effective information security training program to promote and communicate awareness throughout the entire organization.
- Facilitate regulatory and other external examinations relating to information security and cybersecurity.
- Assist in special projects required by the Board and/or senior management.
- Requires solid knowledge of laws and regulations relating to information security, including hands-on experience implementing security frameworks and implementing policies and standards.
- Experience with risk assessment and risk mitigation.
- Strong leadership skills including the ability to manage projects, build teams and lead change.
- Supervisory experience.
- Ability to drive positive tone at the top
- Ability to use MS Office tools or other security systems for analysis and report writing.
- Strong knowledge or technology environments, including information security, cyber security and defense in-depth solutions.
- Travel, as required.
- Ability to lift 10-15 pounds.
- Highly motivated, self-driven individual who can think strategically, operate independently and take accountability for the function.
- Ability to implement and administer programs designed to carry out Board and regulatory expectations.
- Ability to anticipate risks.
- Must be well organized.
- Strong interpersonal and management/supervisory skills.
- Ability to maintain a high level of diplomacy and integrity.
- Ability to interact, motivate, collaborate and influence others, both internally and externally.
- Must have the ability to multi-task in a fast paced environment and focus on most impactful activities.
- Strong oral and written communication skills when interacting with internal and external clients.
- Strong analytical, critical thinking and problem solving skills.
- Demonstrated use of analytical and critical thinking skills.
- Demonstrates a commitment to Relationships FIRST in all areas of job performance.
EagleBank promotes an equal employment opportunity workplace which includes reasonable accommodation of otherwise qualified disabled applicants and employees.
- Bachelor’s degree in computer science, information technology, cybersecurity or a related field.
- CISSP or CRISC certification required. Ideal candidate will have both.
- Minimum of 10 years of experience in a similar or related role.