Live chat
Sovereign Bank

Business Information Security Officer-BISO

Sovereign Bank - Boston, MA

Business Information Security Officer-BISO','1802981','!*!The BISO functions as the central information security

advocate for the assigned business division. They will provide cyber security

risk advice and consultation to business partners; enable businesses to

effectively manage risk within the company’s risk appetite and meet business

objectives. The BISO will facilitate communication and execution of enterprise

wide information security programs, deliver enterprise awareness training and

promote corporate cyber security awareness activities.

They will support the businesses risk assessment of system

applications, third parties and infrastructure and validate that security and

technology controls are implemented to support business requirements. In

addition, they will coordinate business continuity and disaster recovery plans

and lead testing of plans and other scenario based exercises. They will achieve

results by consistently identifying, assessing, managing, monitoring, and

reporting risks of all types. The BISO will manage the development and/or

implementation of significant or Bank-wide Technology Controls / Information

Security strategies, policies, programs, tools and provide expert advice and

guidance on technical solutions.

They will oversee control and governance activities and

identify and assess potential security risks, breaches/ exposures impacting

highly complex / high risk businesses or transformational (change the bank)

strategic initiatives primarily interfacing with executive and/or functional

stakeholders across the Bank. The BISO is accountable for always doing the

right thing for customers and colleagues, and ensures that actions and

behaviors drive a positive customer experience.

Responsibilities:Approve elevated access (USB/CD, PC Admin, Level 1, etc.).Coordinate and execute regular review of access for DSAs for

LOB, Develop the appropriate LOB security roles for access to Bancorp assets.Approve unique LOB access requests, Manage annual access

review for LOB.Coordinate and develop business continuity and disaster

recovery plans and lead testing of plans and other scenario based exercises. Lead regular testing

of high-risk applications and processes. Lead scenario analysis

and testing specific to LOB, Create and manage inventory and control of all

repositories that house high risk data (PCI, PII, HIPAA).Develop and manage DLP parameters specific to LOB areas.Drive data protection strategy and initiatives through

assigned LOB areas Ensure 100% completion of all required security training for

assigned LOB.Lead security-based training that is specific to LOB.Promote corporate cyber security awareness activities and

implement security awareness concepts locally, customizing communications to be

suitable for the business.Act as point of contact for providing responses to RFP received

by LOB from potential customer.Ensure compliance with policy and standards for LOB Marketing

areas (communications, websites).Manage security exceptions to contract language during

negotiation.Serve as key contributor to LOB NPBA and Change Management

process and TPRM.Approve and manage exceptions to policies and standards for

assigned LOB area.Assist with the adherence of information security policies,

standards and procedures.Advise on deviation control alternatives, such as

compensating controls, and assist with standard exception process.Develop security policies/standards/procedures specific to

assigned LOB area Drive cyber security specific strategic initiatives through

assigned LOB areas.Ensure LOB compliance to IT/Security related policies and

standards.Lead issues management activities (audit, Federal Reserve,

self-identified, etc.).Work with LOBs to ensure cyber security-related requirements

and funds are included in strategic initiatives.','!*!Advanced skills with MS-Windows and other related PC

applications.Ability to interpret and apply policies and regulations across

a large, complex business.Ability to manage multiple complex priorities and competing

agendas without express authority over delivery teams.Analytical aptitude with an emphasis on investigative,

methodical critical questioning and logical thinking; a data-driven decision

maker.High level of interpersonal skills to interact with leaders

at multiple levels and facilitate team interactions.Possess a working knowledge of the activities within the

lines of business; in-depth banking knowledge preferred.Project management experience highly desired.Strong understanding of audit/risk management methodologies

and regulatory requirements pertaining to information security, privacy and/or

data security.','Operational & Process Control','Massachusetts-Boston','','Full-time','May 7, 2018','','false','Business Information Security Officer-BISO

13 days 18 hours ago

Sovereign Bank


Business Information Security Officer-BISO Sovereign Bank - Boston, MA, United States


Location: Boston, MA

Company Profile:
Access our current and historical news, and learn about our investment in our communities and our history. At Sovereign Bank, we are committed to: