Deputy CISO Job Listing at Valley Bank in New York, NY (Job ID 24-936)

Description

Responsibilities include but not limited to:

• Strategy - Planning: Work with the CISO to develop and implement an information security strategy that aligns with organizational priorities.
• Oversee the implementation and execution of security standards and policies.
• Develop operational-level roadmaps and execute improvement plans for underperforming security areas.
• Maintain security policy review processes and ensure compliance with laws, regulations, and regulatory guidance.
• Support compliance improvements by furnishing information relevant for audit activities and directing compliance issues to appropriate resources.
• Define local-level KPIs and collect and report necessary metrics to CISO and executive management.
• Communicate identified threat information to Division BISO and Enterprise levels.
• Support implementation and execution of the security control framework.
• Direct Areas of Responsibility: Direct oversight for a team of Business Information Security Officers aligned to key business areas to ensure consistent and high-quality information security management in support of business goals.
• Business Engagement Alignment: Determine information security approach and operating model in consultation with key stakeholders.
• Work effectively with business units to facilitate information security risk assessment and risk management processes.
• Create necessary internal networks to ensure alignment as required.
• Build out appropriate business engagement model and support functions.
• Ensure security is embedded in the project delivery process.
• Liaise with the enterprise architecture team to build alignment between the security and enterprise architectures.
• Define and Implement Information Security Frameworks: Create and manage a unified and flexible, risk-based control framework to integrate and normalize the wide variety and ever-changing requirements.
• Develop and maintain a document framework of continuously up-to-date information security policies, standards, and guidelines.
• Create a framework for roles and responsibilities with regard to information ownership, classification, accountability, and protection of information assets.
• Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the program.
• Thought Leadership: Build and nurture external networks to address common trends, findings, incidents, and cybersecurity risks.
• Liaise with external agencies to ensure the organization maintains a strong security posture.
• Participate in leading industry forums and consortiums to represent business interests and set standards/practices.