Information Security Officer

Summary Description nbkc bank is currently looking for an Information Security Officer to join our Risk Management team.
As the Information Security Officer, you'll manage the bank's information security risk program, making sure it's aligned with industry best practices and regulations.
You'll work with the IT, compliance, and risk management teams, handle IT risk assessments, and lead business continuity and incident response efforts.
We're looking for someone with 5 years of experience in information security leadership, certifications like CISSP or CISA, and a strong understanding of cybersecurity and regulatory frameworks.
This position will work Flex (a combination of both in the office and at home) based out of our Kansas City, MO office.
Interested in learning more?
Check out more details below.
What you'll do Responsible for the ongoing development and maintenance of the Bank-wide information security risk management program incorporating interagency regulatory guidelines and industry best practices.
Works in conjunction with IT, Risk Management, Compliance, Auditing, and Physical Security Personnel to promote a cohesive ISP.
Ensures that all reasonable precautions are considered to protect all bank and customer information.
Conducts annual IT Risk Assessments and is responsible for ongoing board and committee reporting related to the Information Security Risk Management Program, including reporting residual risk levels.
Develop and lead processes supporting key privacy and cybersecurity laws and regulations, including (but not limited to) CCPA (and other US state privacy laws), GDPR, GLBA, and FTC Rules.
Leads the development, maintenance, training and testing of the Bank's business continuity/disaster recovery plans.
Responsible for all Vendor and Fintech partner Security Assessments and provider due diligence.
Responsible for the creation, implementation and management of a bank-wide incident response and reporting program.
This program should include the ongoing review/testing of incident notification channels and the training/testing of the overall program.
Works with insurance company and data breach coaches and acts a liaison with regulators on security incidents.
Responsible for documenting the Bank's information security risk appetite and cyber strategy.
Responsible for initial onboarding and ongoing training of Bank staff related to the Information Security Program, Business Continuity Plans and Incident Response Programs.
Conducts periodic phishing tests and counsels those employees failing the tests.
Responsible for sending periodic updates on security best practices, findings, etc.
to keep security top of mind for employee base In conjunction with IT Operations, reviews information systems and procedures to minimize the probability of security vulnerability.
Researches new security vulnerabilities, technologies and methods relative to environment.
Maintains ongoing Information Security calendar for oversight, review and testing required for the institution.
Responsible for the regular review of system reports to ensure appropriate controls over system changes, logical access to critical systems, remote access and patch management programs.
Provides oversight of the technical documentation for all areas within the Information Technology structure to meet regulatory requirements.
In addition, monitors and tests change-management for system platforms.
Follows all applicable laws and regulations.
Performs other duties and projects as assigned.
What you'll bring Bachelor's degree in business, Information Systems, Cyber Security.
or related field 5 years in an information security or cybersecurity leadership role with a focus on financial institutions preferred.
Certified Information Systems Security Professional (CISSP) or other relevant security industry certifications including but not limited to CISA, CISM, CRISC, CCSP, PCI-QSA, etc.
required Strong background in communication, negotiation, and leadership working with Senior Executives, Regulators, and Board of Directors Knowledge of information security management frameworks and regulatory bodies, such as FDIC, FFIEC, ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework.
Extensive experience in strategic planning within the cyber security landscape Bonus points Master's Degree in Computer Science, Information Systems, or Cyber Security Experience with cloud security strategy, architecture and engineering Experience with Agile methodologies Extensive experience with Application Security, Threat Modeling, Penetration Testing or Vulnerability Management Experience leading and participating in enterprise wide technology and security projects Ability to gather user requirements and translate business processes into automation projects Self learner and resourceful to find solutions Sound judgment and decision-making abilities Strong business communication skills at an end-user and management level, both written and verbal Our Hiring Process After we review your application and feel you're a potential fit we will reach out with next steps.
We work hard to meet our candidates on their time- sometimes that's a phone screen, video interview, or even a cup of coffee before meeting our team.
We are committed to keeping you updated along the way.
What you'll love about us: Benefits & Perks: Choose from one of our multiple comprehensive health care plans that best suits you and your family where you are in life right now.
(HSA, FSA, PPO - we got you covered) Enjoy 4 weeks of paid time off, 11 paid holidays, Birthday PTO, and 8 paid volunteer hours per year Save more for your future with our 401k retirement savings plan with a generous match and immediate vesting from nbkc.
Now that's a sweet deal Spend time bonding with your family with paid parental leave options Care for your whole person with access to our EAP and behavioral health advocates Take advantage of our wellness programs which include a wellness reimbursement account and an on-site gym facility.
Flexible work options to allow you to do your job and live your life (Work-Life Integration for the win) Enjoy anniversary awards for your 3- and 5-year anniversaries (That's serious cash money towards your retirement account, student loan refinancing or your HSA).
Take a 4-week paid sabbatical for your 10-, 18-, and 25-year anniversaries About nbkc: nbkc isn't your average bank.
We take your traditional financial institution and make it better.
We know what we offer our customers is only as good as the people behind the scenes who keep it going.
That's why we make sure you're supported and encouraged along the way.
You'll work with some awesome, intelligent, and diverse people in a fun and forward-thinking environment and accomplish plenty of things you'll wanna brag about.
nbkc is deeply committed to diversity, equality, and inclusion in all its practices, especially when it comes to growing our teams.
We aim to build a company whose culture promotes inclusion and embraces how rewarding it is to work with employees from all walks of life.
nbkc has been proud to be recognized as one of Kansas City's Best Places to Work for 5 years by the Kansas City Business Journal.
We're pretty proud to work here and we know you will be too Join us to find out nbkc bank is an Equal Opportunity-Affirmative Action Employer - Minority/Female / Disability / Veteran / Gender Identity / Sexual Orientation LI-hybrid