Chesapeake Financial Shares, Inc.

  • Information Security Officer

    City, State: US-VA-Kilmarnock or Williamsburg
    Address: 35 School Street or 1229 Lafayette Street Suite 201
    Category: Information Technology
  • Overview

    Chesapeake Bank is seeking a highly qualified individual for the key role of Information Security Officer.

    The ideal candidate has multiple years’ experience managing Information Security in banking or another regulated field. The Information Security Officer (ISO) will work directly for the Chief Information Officer and closely alongside the IT Manager and other department heads. A strong ability to understand technical security controls and risk is a must. A desire for continued development is encouraged through ongoing external and internal training programs. The ISO develops the strategy and implementation of a robust Information Security program.

    Chesapeake Bank, in business since 1900, is a technology-forward, highly successful financial institution, rated in the top 200 community banks for 11 years in a row and recognized nationally for 6 consecutive years as a Best Bank to Work For. Chesapeake Bank is dedicated to supporting the community and is recognized among its peers as an innovator with multiple diverse lines of business with a national reach. An employee, customer, and community focused culture based on eight corporate values is key to the bank’s success.

    Chesapeake Bank offers competitive compensation packages with additional benefits such as a company-paid employee stock ownership program (ESOP) and student loan repayment benefits. The position may be located in either the corporate headquarters in scenic Kilmarnock, VA or in the destination city of Williamsburg, VA, within commuting distance of both the state capital of Richmond, VA and metropolitan Hampton Roads, VA.

    Responsibilities

    • Develop and manage Information Security programs to ensure compliance with established standards such as FFIEC, NIST, CAT, etc. and established regulations relating to information security such as GLBA, HIPAA, SOX, etc.
    • Provide guidance and counsel to the CIO and members of the company’s leadership team, working closely with service providers and internal staff in defining objectives for information security that conform to the corporate risk appetite.
    • Oversee and monitor critical system and network user access.
    • Assess need for any security reconfigurations and recommend modifications if required. Work with the IT Manager to ensure reviews of configurations on items related to network topologies, routers, firewalls, antivirus software, etc. are adequate.
    • Prepare and maintain the Information Security Risk Assessment and present the overall status of the Information Security Program to management and the Board of Directors.
    • Responsible for the development, maintenance, and execution of an effective Vendor/Third Party Management program, Incident Response Plan, and Business Continuity Program.
    • Identify and implement a robust employee information security awareness training curriculum utilizing social engineering training tools.
    • Manage and develop Information Security staff.

    Requirements

    • Minimum of 5 years of relevant work experience required in an information security related role in a regulated industry such as banking or healthcare. Management level experience preferred.
    • Certified Information Systems Security Professional (CISSP) or other technology security certification preferred.
    • Possess an in-depth knowledge of information security controls, processes, and procedures as they relate to end-user and third-party access to non-public personal and corporate information.
    • Experience with network configuration, Microsoft and VMware server technology, and technical security controls.
    • Strong knowledge of regulation and guidance issued as it pertains to privacy, information security, and risk management.
    • Experience with Business Continuity Planning, Incident Response Planning, and vendor due diligence.
    • Ability to view a computer monitor for long periods of time and communicate effectively both verbally and in writing.
