SSUSA Job #687: Director of Info Security & Corporate Contingency Planning

Job Description

Director Information Security & Corp Contingency Planning





Establish security policies and standards for use of corporate technology/computers. Liaison to business areas in establishing security of business applications and third party connectivity. Evaluate where encryption or other security measures are necessary. Oversee management of data security group in the enforcement of security policies, standards and access control management. Evaluate all technology platforms such as Windows servers and workstations, UNIX, databases, programming code, storage networks, routers, switches, voice systems, and recommend configurations/standards that provide security, privacy of customer data, and compliance with regulations and laws. Collaborate with other IS Directors to ensure the enforcement of these configurations and standards on these platforms.

Oversee IT compliance by interpreting new regulations and laws that affect information technology, information security, information privacy or business continuity and assessing current level of compliance to determine what must be implemented to meet new IT regulatory requirements. Manage IT compliance with FFIEC/OCC, Federal Reserve and CFPB guidelines, GLBA, NYS Information Security Breach Act and other breach laws, FACT Act and FTC. Liaison to federal regulators, external auditors and internal auditors. Coordinate all data gathering and system testing needed for examinations and audits.

Set technology direction for enforcing security via firewalls, content filtering, load balancers, intrusion detection/prevention systems, anti-virus, certificate servers, desktop firewalls, and vulnerability scanners. Investigate reported information security violations by determining causes, possible solutions and remedial actions required, and determine and communicate the effect on bank programs. Communicate Information Security and Business Continuity status to senior management, executive management and the Board of Directors.

Manage the Business Continuity/Disaster Recovery process to provide for the survivability of the organization in case of an unavailability of corporate information, systems, buildings or personnel. Meet with Executive and Senior Management, IS Management, and business departments to establish a business impact analysis and recovery requirements. Develop testing strategies to practice simulated recoveries within required timeframes. Establish policies and parameters for backing up data and applications. Develop record retention policies for backup data and determine necessary procedures and technology to comply with privacy guidelines. Ensure compliance with all regulations, policies, and procedures. Perform additional accountabilities as required.






  • 8 - 10 years’ experience in Information/Cyber Security preferred

  • Departmental management experience in a programming environment such as Information Security or management experience in an Information Technology environment preferred

  • Experience in dealing with outside vendors and/or consultants preferred

  • Security certifications (CISSP, CISM) preferred

  • Related Bachelor's degree preferred

  • Knowledge of programming with an emphasis on object oriented languages in a client/server environment preferred

  • Knowledge of Database (Oracle, SQL, Sybase) and UNIX Systems preferred

  • Proficient with the development and recovery of UNIX and database systems and client server and desktop

SEND YOUR RESUME IN CONFIDENCE TO CLIFF@SSUSA.COM

Job Location
Great Neck, NY

Position Type