Information Security Officer

Position

Information Security Officer

Open / Some travel (MS)

Oversee the establishment and maintenance of the enterprise information security program and cybersecurity strategy to ensure information assets and technologies are adequately protected.

The Citizens Bank opened in 1908 in Philadelphia, MS, and it quickly earned a reputation for safety, confidence, honesty, integrity, and hard work. Throughout its history, the bank held steadfast to its commitment to be a bedrock partner to the communities it serves. Today, still grounded in the principles on which we were founded, our bank serves the state of Mississippi through 26 branch offices and beyond with its digital and mobile banking solutions.

Our high-tech, high-touch approach to full-service banking helps us provide the products and services of larger banks, but with a level of service that only a community bank committed to extraordinary service can provide. We’re different. We appreciate and respect our past, but our sights are clearly set on building an even better bank for the future, and it starts with our people.

Our commitment to making the bank a great place to work is woven into the fabric of our core values - SERVE.

• Implement appropriate mitigating countermeasures to control risks to information technology at an acceptable level.
• Manage vendor management process.
• Develop cybersecurity/information security policies.
• Develop and maintain the Information Security Program.
• Develop and manage Cybersecurity Awareness Program.
• Develop and maintain the Incident Response Plan.
• Oversee managed security service provider relationships.
• Research new technologies that the bank may utilize regarding cybersecurity.
• Oversee Business Continuity Planning and Testing.
• Perform technology/cybersecurity related risk assessments.
• Review security reporting from managed security service providers.
• Provide information and cybersecurity status reports to the Board regularly.
• Assist users with IT related security issues and security awareness, as necessary.
• Review and document daily security related logs.
• Ensure vulnerability and threat management functions are performed.
• Validate patch management results across all platforms in a timely manner.
• Validate configuration of firewalls, VPN, content filtering, and other access control devices.
• Monitor internal controls to ensure that appropriate information access levels are maintained across all systems and applications according to least privilege access.
• Oversee cybersecurity related information sharing with peer groups and governmental agencies, as required.
• Serve as a member of IT Steering Committee, Model Risk Management Committee, and other groups/committees within the bank, as needed.
• Other duties as required by supervisory personnel.

• 5-7 years or more successful experience within Information Security and/or Cybersecurity function of an FDIC or similarly regulated banking environment.
• Broad knowledge of enterprise cybersecurity, information security, and risk/audit.
• Exceptional Verbal and Written Communication Skills.
• Exceptional analytical skills, with the ability to analyze new and existing technology.
• Demonstrated experience in the use of judgment and initiative in making decisions for which there is little precedent.
• Demonstrated experience in the formulation of information security and cybersecurity programs and policy development.
• Demonstrated experience in the development and maintenance of incident response plans, BCPs and vendor management policies.
• Bachelor's degree in computer science, information technology or related field.
• CISM, CISA or CISSP certification preferred.

VEVRAA Federal Contractor