The Senior Information Security Compliance Specialist provides innovative insight and direction on the Information Security Governance, Risk and Compliance Program and maximizes effectiveness within methods and approaches to ensure implementation of appropriate security policies, procedures and controls that comply with regulatory standards and mitigate risk for the organization.
Duties and responsibilities include:
Governance and Compliance
Support the development and design of information security program, policies, procedures and controls to assure compliance with applicable regulatory and legal requirements as well as good business practices and coordinate with all teams to synergize deliverables across all divisions to ensure appropriate implementation and minimize business disruption
Coordinate IT General Controls (ITGC) and compliance testing activities and communications with the internal and external auditors and assessors.
Provide recommendations on applicable security controls to strengthen technology solutions, support and follow-up to ensure appropriate and adequate controls are maintained and adhere to FFIEC Guidelines SOX and Privacy regulatory requirements.
Ensure compliance with FFIEC, GLBA, SOX and other industry specific regulations.
Perform the annual Information Security and GLBA Risk Assessments while implementing improvements to the current process.
Coordinate Cybersecurity Self Assessments and provide recommendation for improvements.
Back-up Chair of the Change Advisory Board (CAB) and manage Requests for Changes (RFC’s) throughout the change process life cycle.
Functional Skills & Knowledge:
Excellent planning and time management skills.
Exceptional analytical and problem solving skills, attention to detail, wide knowledge of technology, security compliance and regulatory standards.
Demonstrated ability to apply analytical skills in dealing with issues that are not readily defined or that conflict with available information.
Minimum Education and /or Certifications:
Bachelors’ Degree in Computer Science, Information Technology, Management Information Systems or similar discipline. PMP, CGEIT, CRISC, CISA, CISSP. ITIL or equivalent Information Technology audit or security certifications a plus.
Candidate must be knowledgeable and competent in assessing, controlling and managing a variety of risks, with experience in risk exposure identification, risk evaluation, and risk control. Thorough knowledge of the Banking industry policies & procedures as well as applicable banking regulations is desired.
Minimum Work Experience Requirements:
Minimum five years of IT Risk Management, IT Audit and or IS Compliance. Minimum two years work experience in IT and information security, access management or technical support.
Minimum five years’ experience policy, procedure, and standards development for a large IT environment and in Information Security, Governance & Compliance, Auditing or related disciplines.
Technical and/or Essential Knowledge:
Extensive knowledge of Information Security standards and best practices.
Computer literate with proficiency in Microsoft Office and Microsoft Project Microsoft Office, Information Security, GRC Platforms experience
Knowledge of COBIT and COSO and Sarbanes Oxley legislation and impact, and other regulations.
Extensive understanding of IT and Security impacting banking regulations and standards such as GLBA and PCI.
An understanding of financial services industry core banking applications and systems.
Physical Demands: Air-conditioned office. Sitting at workstation 85%; lifting and carrying equipment 5% of the time.
This position requires some weekend and evening assignments as well as availability during off-hours for participation in scheduled and unscheduled activities.
Employer does not assist with relocation costs.
Internal Number: 411
About Amerant Bank
Amerant Bank, N.A., the largest community bank headquartered in Florida, is a wholly-owned subsidiary of Amerant Bancorp Inc. (NASDAQ: AMTB and AMTBB).
For almost 40 years, the Bank has developed strong community relationships, always adapting to our customers' lives and specific needs, in a dynamic and positive way.
The Bank provides individuals and businesses with deposit and credit products, as well as wealth management services through its investment and trust subsidiaries, Amerant Investments, Inc. and Amerant Trust, N.A.
Headquartered in Coral Gables, Amerant operates 23 banking centers – 15 in South Florida and 8 in Houston – as well as commercial real estate loan production office in Manhattan, New York and a loan production office in Dallas, TX.
Twitter: @AmerantBank and @AmerantBankES (Spanish)
Instagram: @Amerant Bank
Facebook: Amerant Bank