This recruitment will remain open until July 11, 2025. The agency reserves the right to make a hiring decision at any time after the initial screening date on July 3, 2025. It is in the applicant's best interest to submit materials as soon as possible. Make a Difference: Protect Consumers & Join Our Dynamic Team! The Office of the Insurance Commissioner (OIC) seeks a qualified individual for the Chief Information Officer / Chief Information Security Officer (Exempt) position. This role is within the Operations Division and is based out of our Tumwater Office. We are an employer of choice! Here's why: Meaningful work: Ensure a healthy insurance market & protect Washington consumers. Impactful career: Make a daily difference in the lives of countless Washingtonians. Small agency, big opportunities: Gain a holistic understanding of our mission and build strong relationships with colleagues. Diversity, equity, and inclusion: OIC is committed to ensuring that all employees enjoy a respectful, safe, and supportive working environment - by fostering the inclusion of people from all backgrounds, cultures, and attributes. About the Position Are you a bold, visionary leader ready to shape the future of government technology? We're looking for an exceptional Chief Information Officer / Chief Information Security Officer (CIO/CISO) to join our executive team and take the helm of all things IT and cybersecurity. As the agency's top technology strategist, the CIO/CISO will be at the forefront of driving innovation, transforming enterprise systems, and ensuring our technology infrastructure is secure, efficient, and mission aligned. This is not just a leadership role - it's a chance to leave a legacy. In this high-impact position, you'll: Set and execute the agency's IT and cybersecurity strategy at the enterprise level. Lead transformative initiatives that improve operations, boost resilience, and deliver value to the public. Collaborate with senior leadership to align IT priorities with organizational goals and strategic vision. Oversee critical projects and multimillion-dollar IT investments. Represent the agency to key government and industry stakeholders. Champion compliance, privacy, innovation, and business continuity across all systems and services. This is a rare opportunity to drive cutting-edge technology and cybersecurity initiatives that directly impact the public good. If you're a seasoned leader with a passion for digital transformation and a proven track record in enterprise IT and security, we want to hear from you. Step into a role where your leadership shapes the future. Apply now and be the difference. This is a Civil-Service Exempt position. The annual salary range for this position is $144,000 - $160,000. Benefits & Perks Comprehensive benefits package: Health, dental, vision, retirement, paid leave (vacation, sick, etc.) and much more! Supportive work environment: We value diversity, professional growth, and collaborative atmosphere. Wellness programs: Invest in your well-being with on-site resources and initiatives. Work-life balance: Flexible schedules with telework opportunities. Public service fulfillment: Contribute to a cause that matters and feel the satisfaction of serving the public good. Training & Development: Continuously learn and grow with tuition reimbursement, Public Service Loan Forgiveness, and other programs. Free parking (Tumwater) & Public transportation pass (Thurston County): Save on commuting costs. And more! Explore our website for additional benefits: The duties of the position include, but are not limited to: Direct and oversee the enhancement, management, and safeguarding of the agency's enterprise level, mission critical information technology systems. Participate in strategic planning, budget decision package development, and/or agency request legislation to identify IT impacts, offer considerations for IT solutions and provide guidance regarding IT resource capacity. Represents agency to stakeholders, government, and private sector and acts as primary liaison between information services, senior management, and non-agency stakeholders. Assess business plan objectives, and work with business areas to identify opportunities for IT solutions including recommendations on the scope and thoroughness of requirements, estimates of timelines, and allocation of resources. Performs task management functions: feasibility studies, project selection, project planning, prioritization of work, implementation of work plans, bill analysis and fiscal note development. Consults with deputies and managers to determine IT impacts of proposed legislation and/or newly enacted federal or state laws. Estimate agency resource allocation in support of project efforts including but not limited to budget, IT software development resources, IT support, technology infrastructure, security, privacy, and networking resources. Develops and implements business continuity protocols to minimize disruption to business operations in the event of emergency situations or data loss. Identifies, plans, and conducts security audits and system investigations. Reports findings and recommends appropriate mitigation measures to executive leadership. Serves as the agency interface to Washington State Office Chief Information Officer (OCIO) and Washington State's Washington Technology Solutions (WaTech). Responsible for creating, submitting, and accuracy of annual reports required by OCIO. Serves as the agency lead privacy officer and information security officer. Provide the necessary IT investment planning required by OCIO, WaTech, and Washington State's Office of Financial Management (OFM) oversight agencies. Plans and supervises IT acquisitions that impact the agency's enterprise systems and/or technology infrastructure. Align the agency's IT planning practices and resource allocation with the agency's strategic plan and National Association of Insurance Commissioners (NAIC) national initiatives. Directs procurement for vendor services and negotiate contracts for projects that exceed the capacity of in house IT resources. Increase the agency's participation with national (and international) initiatives by expanding the agency's interface capability with the NAIC and the National Insurance Producer Registry (NIPR). Leads a team of 21 FTEs with 2 direct reports. To read more about this position and view all duties, click here to request a position description. Required Qualifications: Bachelor's degree or higher in computer science, information technology or related field AND at least six years senior level IT management experience managing large, high risk, IT projects; including leading and managing senior IT resources. OR Associate's degree in computer science or related field AND at least eight years senior level IT management experience managing large, high risk, IT projects; including leading and managing senior IT resources. OR At least 10 years' senior level IT management experience managing large, high risk, IT projects; including leading and managing senior IT resources AND at least five (5) years demonstrated performance managing high performing IT or cross-functional teams. AND Expert knowledge of: Software development practices, processes, and procedures. State contracting and procurement laws, policies, requirements, and contracting/procurement best practices. Project management principles and practices. Enterprise level information management systems and technology related subjects, including networking, server environments, hardware/software upgrades, and disaster recovery planning and software release/configuration management. AND Demonstrated Experience: Budgeting, planning, and allocating resources to support organization's mission and business priorities. Leading IT infrastructure/architecture planning and applying enterprise level IT best practices. Managing diverse project teams composed of IT, business users, and vendors. Applying current IT security and system standards. Communicating complex issues effectively and adjusting communication to audience needs. Addressing conflict and leading teams to resolution. Degree must be from an accredited institution whose accreditation is recognized by the U.S. Department of Education or the Council of Higher Education Accreditation or a foreign equivalent. Ready to join us? Learn more about the OIC by visiting our website. We encourage you to check out our video below and listen to what our employees have to say about working here! Welcome to the OIC Submit your application today and take the first step towards a rewarding career at the OIC! Wage/salary depends on qualifications or state rules of compensation (if currently a state employee). State law (RCW 48.02.090 5 ) prohibits employees of the OIC from having any interest, directly or indirectly, in an insurance company other than as a policyholder. This prohibition includes the receipt of renewal commissions. If employment is accepted with this agency, you agree to abide by this state law. Prior to a new hire . click apply for full job details
07/01/2025
Full time
This recruitment will remain open until July 11, 2025. The agency reserves the right to make a hiring decision at any time after the initial screening date on July 3, 2025. It is in the applicant's best interest to submit materials as soon as possible. Make a Difference: Protect Consumers & Join Our Dynamic Team! The Office of the Insurance Commissioner (OIC) seeks a qualified individual for the Chief Information Officer / Chief Information Security Officer (Exempt) position. This role is within the Operations Division and is based out of our Tumwater Office. We are an employer of choice! Here's why: Meaningful work: Ensure a healthy insurance market & protect Washington consumers. Impactful career: Make a daily difference in the lives of countless Washingtonians. Small agency, big opportunities: Gain a holistic understanding of our mission and build strong relationships with colleagues. Diversity, equity, and inclusion: OIC is committed to ensuring that all employees enjoy a respectful, safe, and supportive working environment - by fostering the inclusion of people from all backgrounds, cultures, and attributes. About the Position Are you a bold, visionary leader ready to shape the future of government technology? We're looking for an exceptional Chief Information Officer / Chief Information Security Officer (CIO/CISO) to join our executive team and take the helm of all things IT and cybersecurity. As the agency's top technology strategist, the CIO/CISO will be at the forefront of driving innovation, transforming enterprise systems, and ensuring our technology infrastructure is secure, efficient, and mission aligned. This is not just a leadership role - it's a chance to leave a legacy. In this high-impact position, you'll: Set and execute the agency's IT and cybersecurity strategy at the enterprise level. Lead transformative initiatives that improve operations, boost resilience, and deliver value to the public. Collaborate with senior leadership to align IT priorities with organizational goals and strategic vision. Oversee critical projects and multimillion-dollar IT investments. Represent the agency to key government and industry stakeholders. Champion compliance, privacy, innovation, and business continuity across all systems and services. This is a rare opportunity to drive cutting-edge technology and cybersecurity initiatives that directly impact the public good. If you're a seasoned leader with a passion for digital transformation and a proven track record in enterprise IT and security, we want to hear from you. Step into a role where your leadership shapes the future. Apply now and be the difference. This is a Civil-Service Exempt position. The annual salary range for this position is $144,000 - $160,000. Benefits & Perks Comprehensive benefits package: Health, dental, vision, retirement, paid leave (vacation, sick, etc.) and much more! Supportive work environment: We value diversity, professional growth, and collaborative atmosphere. Wellness programs: Invest in your well-being with on-site resources and initiatives. Work-life balance: Flexible schedules with telework opportunities. Public service fulfillment: Contribute to a cause that matters and feel the satisfaction of serving the public good. Training & Development: Continuously learn and grow with tuition reimbursement, Public Service Loan Forgiveness, and other programs. Free parking (Tumwater) & Public transportation pass (Thurston County): Save on commuting costs. And more! Explore our website for additional benefits: The duties of the position include, but are not limited to: Direct and oversee the enhancement, management, and safeguarding of the agency's enterprise level, mission critical information technology systems. Participate in strategic planning, budget decision package development, and/or agency request legislation to identify IT impacts, offer considerations for IT solutions and provide guidance regarding IT resource capacity. Represents agency to stakeholders, government, and private sector and acts as primary liaison between information services, senior management, and non-agency stakeholders. Assess business plan objectives, and work with business areas to identify opportunities for IT solutions including recommendations on the scope and thoroughness of requirements, estimates of timelines, and allocation of resources. Performs task management functions: feasibility studies, project selection, project planning, prioritization of work, implementation of work plans, bill analysis and fiscal note development. Consults with deputies and managers to determine IT impacts of proposed legislation and/or newly enacted federal or state laws. Estimate agency resource allocation in support of project efforts including but not limited to budget, IT software development resources, IT support, technology infrastructure, security, privacy, and networking resources. Develops and implements business continuity protocols to minimize disruption to business operations in the event of emergency situations or data loss. Identifies, plans, and conducts security audits and system investigations. Reports findings and recommends appropriate mitigation measures to executive leadership. Serves as the agency interface to Washington State Office Chief Information Officer (OCIO) and Washington State's Washington Technology Solutions (WaTech). Responsible for creating, submitting, and accuracy of annual reports required by OCIO. Serves as the agency lead privacy officer and information security officer. Provide the necessary IT investment planning required by OCIO, WaTech, and Washington State's Office of Financial Management (OFM) oversight agencies. Plans and supervises IT acquisitions that impact the agency's enterprise systems and/or technology infrastructure. Align the agency's IT planning practices and resource allocation with the agency's strategic plan and National Association of Insurance Commissioners (NAIC) national initiatives. Directs procurement for vendor services and negotiate contracts for projects that exceed the capacity of in house IT resources. Increase the agency's participation with national (and international) initiatives by expanding the agency's interface capability with the NAIC and the National Insurance Producer Registry (NIPR). Leads a team of 21 FTEs with 2 direct reports. To read more about this position and view all duties, click here to request a position description. Required Qualifications: Bachelor's degree or higher in computer science, information technology or related field AND at least six years senior level IT management experience managing large, high risk, IT projects; including leading and managing senior IT resources. OR Associate's degree in computer science or related field AND at least eight years senior level IT management experience managing large, high risk, IT projects; including leading and managing senior IT resources. OR At least 10 years' senior level IT management experience managing large, high risk, IT projects; including leading and managing senior IT resources AND at least five (5) years demonstrated performance managing high performing IT or cross-functional teams. AND Expert knowledge of: Software development practices, processes, and procedures. State contracting and procurement laws, policies, requirements, and contracting/procurement best practices. Project management principles and practices. Enterprise level information management systems and technology related subjects, including networking, server environments, hardware/software upgrades, and disaster recovery planning and software release/configuration management. AND Demonstrated Experience: Budgeting, planning, and allocating resources to support organization's mission and business priorities. Leading IT infrastructure/architecture planning and applying enterprise level IT best practices. Managing diverse project teams composed of IT, business users, and vendors. Applying current IT security and system standards. Communicating complex issues effectively and adjusting communication to audience needs. Addressing conflict and leading teams to resolution. Degree must be from an accredited institution whose accreditation is recognized by the U.S. Department of Education or the Council of Higher Education Accreditation or a foreign equivalent. Ready to join us? Learn more about the OIC by visiting our website. We encourage you to check out our video below and listen to what our employees have to say about working here! Welcome to the OIC Submit your application today and take the first step towards a rewarding career at the OIC! Wage/salary depends on qualifications or state rules of compensation (if currently a state employee). State law (RCW 48.02.090 5 ) prohibits employees of the OIC from having any interest, directly or indirectly, in an insurance company other than as a policyholder. This prohibition includes the receipt of renewal commissions. If employment is accepted with this agency, you agree to abide by this state law. Prior to a new hire . click apply for full job details
Center 3 (19075), United States of America, McLean, VirginiaEnterprise Services Risk Senior Manager The mission of the Enterprise Services Risk Office is to make it easy for business teams to deliver innovative and well-managed products and services to our customers and internal teams - and to have fun while doing it! We are looking for critical thinkers who are ready to challenge conventional approaches in search of better ways to manage risk and partner in the challenge to create amazing experiences. As a member of the ES Risk team, you will lead critical risk work related to Enterprise facing data movement, management and storage initiatives including process risk management, control testing, issue management and broader risk strategy. You will partner with compliance, legal, operations and line of business professionals to review and assess risks, controls, and processes related to this area. You will help create routines, deliver reporting, and improve processes that enable us to stay well managed and evolve how we manage risk. You will understand business impacts of data related decisions and activities and develop appropriate controls to address. You will have a significant level of exposure across the Company and your contributions will directly impact our key data initiatives for Capital One and our customers. Responsibilities: Facilitate and support process and control testing and management activities (including audits and assessments) Develop and maintain the core risk profile for enterprise data platforms Translate regulatory jargon and technically complex information into easily understandable language Partner across risk teams, including Product, Tech, and Cyber to evolve how we work as an organization Oversee our governance and reporting routines Build a reputation as a trusted advisor to the business and communicate effectively at all levels Navigate gray space to proactively identify new risks as the business innovates Prepare ongoing reporting for enterprise wide reports Basic Qualifications: At least 5 years of project or process management experience Attention to detail and results focused Ability to lean and and demonstrate critical thinking and problem solving skills Ability to adapt to the changing circumstances of a fast paced technology company Strong written and verbal communication skills Preferred Qualifications: Experience in a compliance, regulatory, audit, legal or risk team Experience in controls development, controls management, and reporting activities Ability to adapt to the changing circumstances of a fast-paced technology company CIPP, Lean, Agile, Six Sigma, Business Process Management, or Project Management certification At this time, Capital One will not sponsor a new applicant for employment authorization for this position. The minimum and maximum Full time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. New York City (Hybrid On-Site): $195,200 - $222,800 for Sr. Manager, Cyber Risk & Analysis Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at (see below) . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to (see below) Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).
12/05/2023
Full time
Center 3 (19075), United States of America, McLean, VirginiaEnterprise Services Risk Senior Manager The mission of the Enterprise Services Risk Office is to make it easy for business teams to deliver innovative and well-managed products and services to our customers and internal teams - and to have fun while doing it! We are looking for critical thinkers who are ready to challenge conventional approaches in search of better ways to manage risk and partner in the challenge to create amazing experiences. As a member of the ES Risk team, you will lead critical risk work related to Enterprise facing data movement, management and storage initiatives including process risk management, control testing, issue management and broader risk strategy. You will partner with compliance, legal, operations and line of business professionals to review and assess risks, controls, and processes related to this area. You will help create routines, deliver reporting, and improve processes that enable us to stay well managed and evolve how we manage risk. You will understand business impacts of data related decisions and activities and develop appropriate controls to address. You will have a significant level of exposure across the Company and your contributions will directly impact our key data initiatives for Capital One and our customers. Responsibilities: Facilitate and support process and control testing and management activities (including audits and assessments) Develop and maintain the core risk profile for enterprise data platforms Translate regulatory jargon and technically complex information into easily understandable language Partner across risk teams, including Product, Tech, and Cyber to evolve how we work as an organization Oversee our governance and reporting routines Build a reputation as a trusted advisor to the business and communicate effectively at all levels Navigate gray space to proactively identify new risks as the business innovates Prepare ongoing reporting for enterprise wide reports Basic Qualifications: At least 5 years of project or process management experience Attention to detail and results focused Ability to lean and and demonstrate critical thinking and problem solving skills Ability to adapt to the changing circumstances of a fast paced technology company Strong written and verbal communication skills Preferred Qualifications: Experience in a compliance, regulatory, audit, legal or risk team Experience in controls development, controls management, and reporting activities Ability to adapt to the changing circumstances of a fast-paced technology company CIPP, Lean, Agile, Six Sigma, Business Process Management, or Project Management certification At this time, Capital One will not sponsor a new applicant for employment authorization for this position. The minimum and maximum Full time annual salaries for this role are listed below, by location. Please note that this salary information is solely for candidates hired to perform work within one of these locations, and refers to the amount Capital One is willing to pay at the time of this posting. Salaries for part-time roles will be prorated based upon the agreed upon number of hours to be regularly worked. New York City (Hybrid On-Site): $195,200 - $222,800 for Sr. Manager, Cyber Risk & Analysis Candidates hired to work in other locations will be subject to the pay range associated with that location, and the actual annualized salary amount offered to any candidate at the time of hire will be reflected solely in the candidate's offer letter. Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being. Learn more at the Capital One Careers website . Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level. This role is expected to accept applications for a minimum of 5 business days.No agencies please. Capital One is an equal opportunity employer committed to diversity and inclusion in the workplace. All qualified applicants will receive consideration for employment without regard to sex (including pregnancy, childbirth or related medical conditions), race, color, age, national origin, religion, disability, genetic information, marital status, sexual orientation, gender identity, gender reassignment, citizenship, immigration status, protected veteran status, or any other basis prohibited under applicable federal, state or local law. Capital One promotes a drug-free workplace. Capital One will consider for employment qualified applicants with a criminal history in a manner consistent with the requirements of applicable laws regarding criminal background inquiries, including, to the extent applicable, Article 23-A of the New York Correction Law; San Francisco, California Police Code Article 49, Sections ; New York City's Fair Chance Act; Philadelphia's Fair Criminal Records Screening Act; and other applicable federal, state, and local laws and regulations regarding criminal background inquiries. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1- or via email at (see below) . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. For technical support or questions about Capital One's recruiting process, please send an email to (see below) Capital One does not provide, endorse nor guarantee and is not liable for third-party products, services, educational tools or other information available through this site. Capital One Financial is made up of several different entities. Please note that any position posted in Canada is for Capital One Canada, any position posted in the United Kingdom is for Capital One Europe and any position posted in the Philippines is for Capital One Philippines Service Corp. (COPSSC).
Purpose of Job This role will be located in the Home Office in San Antonio, or at one of our regional offices/remote with frequent travel to the Home Office. Responsible for leading the Anti-Money Laundering (AML) Bank Secrecy Act (BSA) programs to deliver quality and ongoing sustainability of operational functions to include Financial Investigations, Know Your Customer, and OFAC. Oversight of and maintains a governance program, including policies, procedures, and controls to effectively manage the risk of money laundering arising from USAA's operations, and setting and implementing the strategic direction for USAA Federal Savings Bank ("FSB"), USAA Savings Bank ("USB") (collectively "Banks"), P&C, LifeCo, and the overall Enterprise. Sets the standards and provides guidance and support across USAA around member onboarding, due diligence, transaction monitoring, and screening activities for compliance with anti-money laundering and sanctions expectations and related regulatory requirements to ensure deliverables align to USAA and regulatory requirements. Job Requirements Managerial Responsibilities * Leads the design and implementation of the Anti-Money Laundering (AML) Compliance risk management strategies, taking into account business strategy and nuanced supervisory expectations, including how they apply in a matrixed commercial environment. * Oversees teams responsible for regulatory, complex, and critical issues covering USAA as related to the Bank Secrecy Act (BSA)/AML regulatory requirements as well as key enterprise functions. * Exemplifies USAA's mission, core values, culture and desired behaviors - including a culture of compliance risk management. * Develops talent to deliver objectives aligned to the mission; including the identification, development, advancement and retention of talent with requisite compliance capabilities as well as providing leadership and overseeing performance management and staff development activities. * Leads the operational planning of implementation of the AML program for the Bank and Enterprise-including core business processes and technologies. * Oversees execution of AML Compliance initiatives and projects across the banks and the enterprise. * Holds self and others Accountable for meeting commitments by setting and clearly communicating expectations, roles, and responsibilities to others relative to AML Compliance. * Responsible for funding, budgeting and execution of AML initiatives and projects across the businesses and legal entities. Technical and Risk Responsibilities * Responsible for overseeing and governing AML Compliance related activities and actions for the Banks' and the enterprise. * Provides independent oversight to risk management practices across AML Compliance activities. * Formulates and executes a multi-year strategy for a best-in-class AML Compliance program, including AML strategy and analytics across various financial products in the Banks' and various AML Compliance programs across the enterprise. * Identifies and assesses the Banks' AML inherent and control risk, incorporates the outcomes into strategy and risk management oversight practices, and reports the results to the bank board and senior management. * Reviews, addresses, and escalates significant AML issues and activities to Executive Council and/or the appropriate governance committee and its members. * Develops, communicates and reinforces the Banks' risk tolerance and risk appetite statement and associated limits related to AML activities, including how they apply to banking operations. * Monitors the Banks' adherence to AML-related policies and timely closure of AML-related issues and engages in ongoing communication with front line units regarding adherence to AML requirements. * Oversees the monitoring and analysis of AML-related trends, patterns, and external factors impacting the risk levels of the Banks' and communicates and provides recommendations. * Proactively manages relationship and communications with U.S. regulators and internal audit staff for AML Compliance matters, including management of examinations, audits, document production and issue responses. * Liaises with regulatory agencies and other internal control groups on AML related issues -- takes accountability for responding to Matters Requiring Attention (MRAs) and Matters Requiring Immediate Attention (MRIAs) issued by supervisory bodies. * Leads change management activities in connection with MRAs and/or broader regulatory changes. Governance Committees Interacts with or participates in enterprise governance committees, such as: * Bank Compliance Committee * Enterprise and Bank New Activities Approval Committee * USAA Financial Crimes Compliance Committee * Enterprise Compliance Risk Committee * Enterprise Information Governance Committee * Shared Services New Activities Approval Committee Education * Bachelor's degree is required. * Advanced degree such as MBA or Juris Doctorate (JD) is preferred. Experience * A minimum of 12 years of experience in technical discipline (e.g. AML compliance) with a proven track record leading comparable operations. Vast knowledge of the U.S regulatory environment with emphasis on the BSA, USA PATRIOT Act and OFAC programs is required. * A minimum of 8 years of people leadership experience in building, managing and/or developing high-performing teams is required. * Proven experience establishing, implementing and overseeing large financial institution(s) AML program * Extensive background in understanding, evaluating, and monitoring risks in adherence to policies * Demonstrated ability to communicate at all levels of an organization including Board of Directors and Committee members; must also have experience communicating with regulatory agencies * A minimum of 8 years of relevant experience in a large financial institution ($100 billion +), including 5+ years post-Dodd Frank, in a supervisory role as a regulator, in a senior role directly interacting with regulators, or in a senior staff role within an AML department is preferred. Regulatory Understanding* * Federal regulations and supervisory guidance: 12 CFR Part 30, including Appendices A through E * 12 CFR 9 - Bank Fiduciary Activities * Federal Reserve Supervisory Guidance Documents: * SR 08-08 (Compliance Risk Management Programs) * Bank Holding Company Examination Manual * Federal Reserve proposals concerning Board effectiveness and core principles of effective senior management, management of business lines, and independent risk management and controls * OCC Supervisory Guidance Documents: Large Bank Supervision Handbook; Corporate and Risk Governance Handbook; and key OCC bulletins (New Products and Services Risk Management; Third Party Risk Management) * FFIEC: BSA/AML Manual; IT/Cyber Handbooks * CFPB: Consumer Protection Regulations; UDAAP * Regulatory understanding is for illustrative purposes. Roles would need an understanding of all federal and state laws and regulatory guidance applicable to the organization and responsibilities of the role. Note: The above statements are intended to describe the general nature and level of work being performed by employees in this position. They are not intended to be an exhaustive list of all duties, responsibilities and qualifications of employees assigned this job. Certifications Industry certification such as Certified Anti-Money Laundering Specialist (CAMS) is preferred. Compensation: USAA has an effective process for assessing market data and establishing ranges to ensure we remain competitive. You are paid within the salary range based on your experience and market position. The salary range for this position is $312,600- $562,900. Employees may be eligible for pay incentives based on overall corporate and individual performance or at the discretion of the USAA Board of Directors. Long Term Incentive Plan: Cash payment for Executive level roles only, representing a cash payment which is both time and performance based. Stipend: As an EMG Member, you will receive an annual stipend (amounts determined by level) which will be paid in quarterly installments. Medical Stipend: As a Senior Officer, you will receive an Annual Medical Stipend for you and your spouse Benefits: At USAA our employees enjoy best-in-class benefits to support their physical, financial, and emotional wellness. These benefits include comprehensive medical, dental and vision plans, 401(k), pension, life insurance, parental benefits, adoption assistance, paid time off program with paid holidays plus 16 paid volunteer hours, and various wellness programs. Additionally, our career path planning and continuing education assists employees with their professional goals. Please click on the link below for more details. USAA Total Rewards THIS POSTING WILL BE AVAILABLE TO INTERNAL CANDIDATES UNTIL 11:59PM ON SUNDAY, MARCH 14
03/24/2021
Full time
Purpose of Job This role will be located in the Home Office in San Antonio, or at one of our regional offices/remote with frequent travel to the Home Office. Responsible for leading the Anti-Money Laundering (AML) Bank Secrecy Act (BSA) programs to deliver quality and ongoing sustainability of operational functions to include Financial Investigations, Know Your Customer, and OFAC. Oversight of and maintains a governance program, including policies, procedures, and controls to effectively manage the risk of money laundering arising from USAA's operations, and setting and implementing the strategic direction for USAA Federal Savings Bank ("FSB"), USAA Savings Bank ("USB") (collectively "Banks"), P&C, LifeCo, and the overall Enterprise. Sets the standards and provides guidance and support across USAA around member onboarding, due diligence, transaction monitoring, and screening activities for compliance with anti-money laundering and sanctions expectations and related regulatory requirements to ensure deliverables align to USAA and regulatory requirements. Job Requirements Managerial Responsibilities * Leads the design and implementation of the Anti-Money Laundering (AML) Compliance risk management strategies, taking into account business strategy and nuanced supervisory expectations, including how they apply in a matrixed commercial environment. * Oversees teams responsible for regulatory, complex, and critical issues covering USAA as related to the Bank Secrecy Act (BSA)/AML regulatory requirements as well as key enterprise functions. * Exemplifies USAA's mission, core values, culture and desired behaviors - including a culture of compliance risk management. * Develops talent to deliver objectives aligned to the mission; including the identification, development, advancement and retention of talent with requisite compliance capabilities as well as providing leadership and overseeing performance management and staff development activities. * Leads the operational planning of implementation of the AML program for the Bank and Enterprise-including core business processes and technologies. * Oversees execution of AML Compliance initiatives and projects across the banks and the enterprise. * Holds self and others Accountable for meeting commitments by setting and clearly communicating expectations, roles, and responsibilities to others relative to AML Compliance. * Responsible for funding, budgeting and execution of AML initiatives and projects across the businesses and legal entities. Technical and Risk Responsibilities * Responsible for overseeing and governing AML Compliance related activities and actions for the Banks' and the enterprise. * Provides independent oversight to risk management practices across AML Compliance activities. * Formulates and executes a multi-year strategy for a best-in-class AML Compliance program, including AML strategy and analytics across various financial products in the Banks' and various AML Compliance programs across the enterprise. * Identifies and assesses the Banks' AML inherent and control risk, incorporates the outcomes into strategy and risk management oversight practices, and reports the results to the bank board and senior management. * Reviews, addresses, and escalates significant AML issues and activities to Executive Council and/or the appropriate governance committee and its members. * Develops, communicates and reinforces the Banks' risk tolerance and risk appetite statement and associated limits related to AML activities, including how they apply to banking operations. * Monitors the Banks' adherence to AML-related policies and timely closure of AML-related issues and engages in ongoing communication with front line units regarding adherence to AML requirements. * Oversees the monitoring and analysis of AML-related trends, patterns, and external factors impacting the risk levels of the Banks' and communicates and provides recommendations. * Proactively manages relationship and communications with U.S. regulators and internal audit staff for AML Compliance matters, including management of examinations, audits, document production and issue responses. * Liaises with regulatory agencies and other internal control groups on AML related issues -- takes accountability for responding to Matters Requiring Attention (MRAs) and Matters Requiring Immediate Attention (MRIAs) issued by supervisory bodies. * Leads change management activities in connection with MRAs and/or broader regulatory changes. Governance Committees Interacts with or participates in enterprise governance committees, such as: * Bank Compliance Committee * Enterprise and Bank New Activities Approval Committee * USAA Financial Crimes Compliance Committee * Enterprise Compliance Risk Committee * Enterprise Information Governance Committee * Shared Services New Activities Approval Committee Education * Bachelor's degree is required. * Advanced degree such as MBA or Juris Doctorate (JD) is preferred. Experience * A minimum of 12 years of experience in technical discipline (e.g. AML compliance) with a proven track record leading comparable operations. Vast knowledge of the U.S regulatory environment with emphasis on the BSA, USA PATRIOT Act and OFAC programs is required. * A minimum of 8 years of people leadership experience in building, managing and/or developing high-performing teams is required. * Proven experience establishing, implementing and overseeing large financial institution(s) AML program * Extensive background in understanding, evaluating, and monitoring risks in adherence to policies * Demonstrated ability to communicate at all levels of an organization including Board of Directors and Committee members; must also have experience communicating with regulatory agencies * A minimum of 8 years of relevant experience in a large financial institution ($100 billion +), including 5+ years post-Dodd Frank, in a supervisory role as a regulator, in a senior role directly interacting with regulators, or in a senior staff role within an AML department is preferred. Regulatory Understanding* * Federal regulations and supervisory guidance: 12 CFR Part 30, including Appendices A through E * 12 CFR 9 - Bank Fiduciary Activities * Federal Reserve Supervisory Guidance Documents: * SR 08-08 (Compliance Risk Management Programs) * Bank Holding Company Examination Manual * Federal Reserve proposals concerning Board effectiveness and core principles of effective senior management, management of business lines, and independent risk management and controls * OCC Supervisory Guidance Documents: Large Bank Supervision Handbook; Corporate and Risk Governance Handbook; and key OCC bulletins (New Products and Services Risk Management; Third Party Risk Management) * FFIEC: BSA/AML Manual; IT/Cyber Handbooks * CFPB: Consumer Protection Regulations; UDAAP * Regulatory understanding is for illustrative purposes. Roles would need an understanding of all federal and state laws and regulatory guidance applicable to the organization and responsibilities of the role. Note: The above statements are intended to describe the general nature and level of work being performed by employees in this position. They are not intended to be an exhaustive list of all duties, responsibilities and qualifications of employees assigned this job. Certifications Industry certification such as Certified Anti-Money Laundering Specialist (CAMS) is preferred. Compensation: USAA has an effective process for assessing market data and establishing ranges to ensure we remain competitive. You are paid within the salary range based on your experience and market position. The salary range for this position is $312,600- $562,900. Employees may be eligible for pay incentives based on overall corporate and individual performance or at the discretion of the USAA Board of Directors. Long Term Incentive Plan: Cash payment for Executive level roles only, representing a cash payment which is both time and performance based. Stipend: As an EMG Member, you will receive an annual stipend (amounts determined by level) which will be paid in quarterly installments. Medical Stipend: As a Senior Officer, you will receive an Annual Medical Stipend for you and your spouse Benefits: At USAA our employees enjoy best-in-class benefits to support their physical, financial, and emotional wellness. These benefits include comprehensive medical, dental and vision plans, 401(k), pension, life insurance, parental benefits, adoption assistance, paid time off program with paid holidays plus 16 paid volunteer hours, and various wellness programs. Additionally, our career path planning and continuing education assists employees with their professional goals. Please click on the link below for more details. USAA Total Rewards THIS POSTING WILL BE AVAILABLE TO INTERNAL CANDIDATES UNTIL 11:59PM ON SUNDAY, MARCH 14
Who is Taco Bell? Taco Bell Corp., a subsidiary of Yum! Brands, Inc. (NYSE: YUM), is the nation's leading Mexican-inspired quick service restaurant (QSR) brand. From breakfast to late night, Taco Bell serves made-to-order and customizable tacos and burritos, among other craveable choices, and is the first QSR restaurant to offer American Vegetarian Association (AVA)-certified menu items. Taco Bell and its more than 350 franchise organizations proudly serve over 42 million customers each week through nearly 7,000 restaurants across the nation, as well as through its mobile, desktop and delivery ordering services. Overseas, Taco Bell has over 300 restaurants, with plans to add 2,000 more restaurants internationally within the next decade. The brand encourages its fans to "Live Mas" and connects with them through sports, gaming and new music via its Feed The Beat music program. Taco Bell also provides education opportunities and serves the community through its nonprofit organization, the Taco Bell Foundation , and connects fans with their passions through programs such as the Live Mas Scholarship program. In 2016, Taco Bell was named as one of Fast Company's Top 10. About the Job Taco Bell is looking for a Cloud Security Engineer located in sunny Irvine, CA. This position will be responsible for advancing the enterprise-wide cloud operations and provide hands-on technical engineering and ownership of the growing cloud security program. The ideal candidate will be able to blend hands-on security expertise with strong problem solving skills. The Day-to-Day Completes cloud risk assessments and audits using tools, technologies and methods Provide subject matter expertise - relating to cloud security - to Taco Bell development, engineering, and business teams Researches and proactively identifies emerging cyber threats within the cloud environment and QSR industry Assesses the production-readiness of new technologies using security as a pillar of technology quality Responsible for the thorough documentations of implementations, via technical documentation and run-books Partake in efforts that shape the organization's security policies and standards for use in cloud environments Execute security architectures for cloud cloud/hybrid systems Employ cloud-based APIs when suitable to write network/system level tools for safeguarding cloud environments Assist in the development of a roadmap for Cloud Center of Excellence services to the broader Yum! Brands security organization Serves as the subject matter expert (SME) on Cloud Security for Taco Bell Participate in efforts that tailor the company's security policies and standards for use in cloud environments Work closely with application developers and platform owners to deliver creative solutions to complex technology challenges and business requirements. Create technical and managerial level reports and risk assessments for Cloud based applications and infrastructure Identify processes/procedures for how to handle a cloud security event, including forensic isolation and mitigation with Digital Forensics and Incident Response (DFIR/IR) teams Supports the monitoring and maintaining network security suite of tools and identifies new security threats by conducting continual monitoring and log analysis Other important tasks you'll partake in: Collaborates with partners to create remediation strategies that will help improve their cloud security posture Facilitates and participates in forensic investigations when necessary Provides security guidance to the broader Taco Bell Technology Team Help build internal security tooling, to help us maintain constant readiness Responsible for automating security controls, data and processes to provide improved metrics and operational support Participate in regular security awareness initiatives and security training Stay abreast of emerging security threats, vulnerabilities and controls Spot and execute new security technologies and best practices into the company's Cloud offerings. Develops best practices documentations regarding cloud security Propose and/or design technical solutions, which include creating prototypes and proofs of concept while maintaining a security mindset. Influence multi-disciplinary teams in implementing and operating Cyber Security controls. Translate security and technical requirements into business requirements, and communicate security risks to different audiences ranging from business leaders to engineers. Automate security controls, data and processes to provide better metrics and operational support Evaluates new technologies against established requirements and validate the security of the technology. Required Experience: Bachelor's Degree in related field plus 5+ years related experience in Computer Security, with proven focus on Cloud Security. Clear passion for cloud Security and Cloud technologies Strong problem-solving skills and a drive to succeed Understanding of industry regulations (PCI, GDPR, CCPA) preferred Ability to provide technical support or consultation for security architecture, engineering, and compliance Must have experience with virtualization (cloud or non-cloud) Expert knowledge of Cloud infrastructure, security architectures, and standards Deep technical knowledge of Amazon Web Services Able to demonstrate clear understanding of current threats to Cloud infrastructure and/or IT infrastructures at technical and managerial levels Able to automate/script daily tasks through Python, Bash or equivalent Experience with web-based applications or web-services Proficient in Linux system design, automation and operations Demonstrated ability to take initiative and accountability for achieving results. Strong interpersonal, oral, and written communication skills Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols) Skilled in discussing complex security issues in understandable business terms. Very detailed knowledge of system security vulnerabilities and remediation techniques Security certification desired (e.g., CISSP, GIAC, CEH, AWS-Security, etc) #DICE Yum! Brands, Inc., has over 50,000 restaurants in more than 150 countries and territories, making it a leader in global retail development primarily operating the company's brands - KFC, Pizza Hut and Taco Bell - global leaders of the chicken, pizza and Mexican-style food categories. The Company's family of brands also includes The Habit Burger Grill, a fast-casual restaurant concept specializing in made-to-order chargrilled burgers, sandwiches and more. In 2019, Yum! Brands was named to the Dow Jones Sustainability North America Index and in 2020, the company ranked among the top 100 Best Corporate Citizens by 3BL Media. As the world's largest restaurant company, we have a clear and compelling mission: to build the world's most loved, trusted, and fastest-growing restaurant brands. The key and not-so-secret ingredient in our recipe for growth is our unrivaled culture and talent, which fuels our results. To that end, we're looking for talented, motivated, team-oriented Interns to join us and have the opportunity be your best, have fun, make friends, and make a positive impact. We are excited about the future growth of our brands. In fact, as a company we are opening an average of 8 restaurants a day worldwide! This growth creates endless opportunities for professional, as well as personal growth. Customer sentiment and love for our brands is the fuel for our excitement! Taco Bell has been named one of the 10 Most Innovative Companies in the World by Fast Company. Pizza Hut delivers more pizzas than any other pizza company in the world, KFC's still uses its 75-year-old finger-lickin' good recipe, including secret herbs and spices to hand-bread its chicken every day, and the Habit Burger Grill is looking to expand its regional footprint across the country. Check out some of our great benefits: • 4 weeks of vacation per year plus holidays • 2 paid days off per year to volunteer • Onsite childcare through Bright Horizons • Onsite dining center (yes, you can eat KFC, Taco Bell or Pizza hut every day!) • Onsite dry cleaning, laundry services, concierge • Onsite gym with fitness classes and personal trainer sessions • Tuition reimbursement, education benefits and scholarship opportunities • Discounts for life's adventures (ex: theme parks, wireless plans, etc.) • Generous parental leave for all new parents and adoption assistance program • 401(k) with a 6% matching contribution from Yum! Brands with immediate vesting • Comprehensive medical, vision and dental including prescription drug benefits and 100% preventive care • Recognition based culture and unique, fun events year round • Healthcare and dependent care flexible spending accounts • Company paid life insurance • Grow Yourself Week which is devoted to your personal development - provided by Dice
01/30/2021
Full time
Who is Taco Bell? Taco Bell Corp., a subsidiary of Yum! Brands, Inc. (NYSE: YUM), is the nation's leading Mexican-inspired quick service restaurant (QSR) brand. From breakfast to late night, Taco Bell serves made-to-order and customizable tacos and burritos, among other craveable choices, and is the first QSR restaurant to offer American Vegetarian Association (AVA)-certified menu items. Taco Bell and its more than 350 franchise organizations proudly serve over 42 million customers each week through nearly 7,000 restaurants across the nation, as well as through its mobile, desktop and delivery ordering services. Overseas, Taco Bell has over 300 restaurants, with plans to add 2,000 more restaurants internationally within the next decade. The brand encourages its fans to "Live Mas" and connects with them through sports, gaming and new music via its Feed The Beat music program. Taco Bell also provides education opportunities and serves the community through its nonprofit organization, the Taco Bell Foundation , and connects fans with their passions through programs such as the Live Mas Scholarship program. In 2016, Taco Bell was named as one of Fast Company's Top 10. About the Job Taco Bell is looking for a Cloud Security Engineer located in sunny Irvine, CA. This position will be responsible for advancing the enterprise-wide cloud operations and provide hands-on technical engineering and ownership of the growing cloud security program. The ideal candidate will be able to blend hands-on security expertise with strong problem solving skills. The Day-to-Day Completes cloud risk assessments and audits using tools, technologies and methods Provide subject matter expertise - relating to cloud security - to Taco Bell development, engineering, and business teams Researches and proactively identifies emerging cyber threats within the cloud environment and QSR industry Assesses the production-readiness of new technologies using security as a pillar of technology quality Responsible for the thorough documentations of implementations, via technical documentation and run-books Partake in efforts that shape the organization's security policies and standards for use in cloud environments Execute security architectures for cloud cloud/hybrid systems Employ cloud-based APIs when suitable to write network/system level tools for safeguarding cloud environments Assist in the development of a roadmap for Cloud Center of Excellence services to the broader Yum! Brands security organization Serves as the subject matter expert (SME) on Cloud Security for Taco Bell Participate in efforts that tailor the company's security policies and standards for use in cloud environments Work closely with application developers and platform owners to deliver creative solutions to complex technology challenges and business requirements. Create technical and managerial level reports and risk assessments for Cloud based applications and infrastructure Identify processes/procedures for how to handle a cloud security event, including forensic isolation and mitigation with Digital Forensics and Incident Response (DFIR/IR) teams Supports the monitoring and maintaining network security suite of tools and identifies new security threats by conducting continual monitoring and log analysis Other important tasks you'll partake in: Collaborates with partners to create remediation strategies that will help improve their cloud security posture Facilitates and participates in forensic investigations when necessary Provides security guidance to the broader Taco Bell Technology Team Help build internal security tooling, to help us maintain constant readiness Responsible for automating security controls, data and processes to provide improved metrics and operational support Participate in regular security awareness initiatives and security training Stay abreast of emerging security threats, vulnerabilities and controls Spot and execute new security technologies and best practices into the company's Cloud offerings. Develops best practices documentations regarding cloud security Propose and/or design technical solutions, which include creating prototypes and proofs of concept while maintaining a security mindset. Influence multi-disciplinary teams in implementing and operating Cyber Security controls. Translate security and technical requirements into business requirements, and communicate security risks to different audiences ranging from business leaders to engineers. Automate security controls, data and processes to provide better metrics and operational support Evaluates new technologies against established requirements and validate the security of the technology. Required Experience: Bachelor's Degree in related field plus 5+ years related experience in Computer Security, with proven focus on Cloud Security. Clear passion for cloud Security and Cloud technologies Strong problem-solving skills and a drive to succeed Understanding of industry regulations (PCI, GDPR, CCPA) preferred Ability to provide technical support or consultation for security architecture, engineering, and compliance Must have experience with virtualization (cloud or non-cloud) Expert knowledge of Cloud infrastructure, security architectures, and standards Deep technical knowledge of Amazon Web Services Able to demonstrate clear understanding of current threats to Cloud infrastructure and/or IT infrastructures at technical and managerial levels Able to automate/script daily tasks through Python, Bash or equivalent Experience with web-based applications or web-services Proficient in Linux system design, automation and operations Demonstrated ability to take initiative and accountability for achieving results. Strong interpersonal, oral, and written communication skills Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols) Skilled in discussing complex security issues in understandable business terms. Very detailed knowledge of system security vulnerabilities and remediation techniques Security certification desired (e.g., CISSP, GIAC, CEH, AWS-Security, etc) #DICE Yum! Brands, Inc., has over 50,000 restaurants in more than 150 countries and territories, making it a leader in global retail development primarily operating the company's brands - KFC, Pizza Hut and Taco Bell - global leaders of the chicken, pizza and Mexican-style food categories. The Company's family of brands also includes The Habit Burger Grill, a fast-casual restaurant concept specializing in made-to-order chargrilled burgers, sandwiches and more. In 2019, Yum! Brands was named to the Dow Jones Sustainability North America Index and in 2020, the company ranked among the top 100 Best Corporate Citizens by 3BL Media. As the world's largest restaurant company, we have a clear and compelling mission: to build the world's most loved, trusted, and fastest-growing restaurant brands. The key and not-so-secret ingredient in our recipe for growth is our unrivaled culture and talent, which fuels our results. To that end, we're looking for talented, motivated, team-oriented Interns to join us and have the opportunity be your best, have fun, make friends, and make a positive impact. We are excited about the future growth of our brands. In fact, as a company we are opening an average of 8 restaurants a day worldwide! This growth creates endless opportunities for professional, as well as personal growth. Customer sentiment and love for our brands is the fuel for our excitement! Taco Bell has been named one of the 10 Most Innovative Companies in the World by Fast Company. Pizza Hut delivers more pizzas than any other pizza company in the world, KFC's still uses its 75-year-old finger-lickin' good recipe, including secret herbs and spices to hand-bread its chicken every day, and the Habit Burger Grill is looking to expand its regional footprint across the country. Check out some of our great benefits: • 4 weeks of vacation per year plus holidays • 2 paid days off per year to volunteer • Onsite childcare through Bright Horizons • Onsite dining center (yes, you can eat KFC, Taco Bell or Pizza hut every day!) • Onsite dry cleaning, laundry services, concierge • Onsite gym with fitness classes and personal trainer sessions • Tuition reimbursement, education benefits and scholarship opportunities • Discounts for life's adventures (ex: theme parks, wireless plans, etc.) • Generous parental leave for all new parents and adoption assistance program • 401(k) with a 6% matching contribution from Yum! Brands with immediate vesting • Comprehensive medical, vision and dental including prescription drug benefits and 100% preventive care • Recognition based culture and unique, fun events year round • Healthcare and dependent care flexible spending accounts • Company paid life insurance • Grow Yourself Week which is devoted to your personal development - provided by Dice
Job Description The Sr. Director Information Security establishes and maintains the enterprise vision, strategy and program to ensure information assets and technologies are adequately protected. The Sr. Director serves the role of Chief Information Security Officer (CISO) and is responsible for all IT security aspects of the organizations information technology and systems, including policies, standards, and oversight of security operations management. The Sr. Director Information Security demonstrates expertise in healthcare business, understands hospital related technical and business environment, familiarity with federal regulations (HIPPA, HITECH) and national standards (HITRUST), experience with auditing, risk management, vulnerability assessments, contract/vendor negotiations, and cyber-security and incident management. In the role of the CISO: Develops Information Technology Security Strategic Plan and Program Determines the most critical areas to address: Designs, updates and supports implementation of information security policies and standards Provides interpretations of current policies related to specific situations as they arise Develops business cases for security initiative Plan, execute and evaluate security programs Monitors security trends and legislation locally and nationally Prepares cost and budget estimates Coordinates internal and external security audits Oversees incident response planning and security breach investigations Serves as Chief Incident Manager to whom incidents are reported Serves as Incident Management Lead on critical incidents Supervises development of security awareness and training programs Qualifications Bachelor's degree required, master's degree preferred (major in computer science related discipline or information systems discipline preferred) Fifteen years information technology experience including 5 years of management experience with solid background in enterprise wide information security protection. Five years people management experience including hiring, coaching, and developing internal staff members and managing external resources to achieve goals and deliverables. Demonstrates understanding of overall hospital operations and how work is accomplished between departments and divisions, and its implications for IT infrastructure development. Proven ability to lead and influence organizations leaders to support efforts and implementation of strategic initiatives that impact organization's performance, systems, processes and structure. Please forward your resume to for immediate consideration. - provided by Dice
09/30/2020
Full time
Job Description The Sr. Director Information Security establishes and maintains the enterprise vision, strategy and program to ensure information assets and technologies are adequately protected. The Sr. Director serves the role of Chief Information Security Officer (CISO) and is responsible for all IT security aspects of the organizations information technology and systems, including policies, standards, and oversight of security operations management. The Sr. Director Information Security demonstrates expertise in healthcare business, understands hospital related technical and business environment, familiarity with federal regulations (HIPPA, HITECH) and national standards (HITRUST), experience with auditing, risk management, vulnerability assessments, contract/vendor negotiations, and cyber-security and incident management. In the role of the CISO: Develops Information Technology Security Strategic Plan and Program Determines the most critical areas to address: Designs, updates and supports implementation of information security policies and standards Provides interpretations of current policies related to specific situations as they arise Develops business cases for security initiative Plan, execute and evaluate security programs Monitors security trends and legislation locally and nationally Prepares cost and budget estimates Coordinates internal and external security audits Oversees incident response planning and security breach investigations Serves as Chief Incident Manager to whom incidents are reported Serves as Incident Management Lead on critical incidents Supervises development of security awareness and training programs Qualifications Bachelor's degree required, master's degree preferred (major in computer science related discipline or information systems discipline preferred) Fifteen years information technology experience including 5 years of management experience with solid background in enterprise wide information security protection. Five years people management experience including hiring, coaching, and developing internal staff members and managing external resources to achieve goals and deliverables. Demonstrates understanding of overall hospital operations and how work is accomplished between departments and divisions, and its implications for IT infrastructure development. Proven ability to lead and influence organizations leaders to support efforts and implementation of strategic initiatives that impact organization's performance, systems, processes and structure. Please forward your resume to for immediate consideration. - provided by Dice
