FinWise Bank
2 days ago Be among the first 25 applicants
Get AI-powered advice on this job and more exclusive features.
This range is provided by FinWise Bank. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.
Base pay range $80,000.00/yr - $100,000.00/yr
This position will be in office at our Murray, Utah location.
FinWise Bank is a commercial institution located in Murray, Utah that offers exceptional products in a manner that continually surpasses expectations. Information Security is a vital part of the Bank’s structure, and the Risk and Compliance Division supports the Bank in these efforts. The Information Security Manager will work closely with the VP, Information Security Officer (ISO) to promote Information Security standards, controls, and best practices across the Bank. This role will be responsible for monitoring the security posture of Strategic Partners, conducting due diligence reviews of third parties with access to the Bank’s sensitive data. This role will also have oversight activities of the Information Technology Division. This will be accomplished by monitoring security measures for the protection of computing networks and data delivery systems used throughout the Bank.
Tasks
Serve as the primary point of contact between the Bank and assigned Strategic Partners for all matters related to Information Security.
Provide visibility to the ISO about the security posture of assigned Strategic Partners.
Monitor that assigned Strategic Partners are providing expected oversight documentation.
Escalate all assigned Strategic Partner issues to the ISO.
Participate in annual virtual or onsite visits of assigned Strategic Partners.
Review policies, plans, procedures, security assessments, monitoring alerts, architectural diagrams, testing results, and audits from assigned Strategic Partners to ensure compliance with applicable banking regulations using a risk-based approach.
Develop strong and collaborative professional relationships with Program Management, Vendor Management, IT teams at FinWise Bank as well as counterparts at Strategic Partners.
Review and assess the security posture of third parties by evaluating submitted evidence and requesting additional documentation when appropriate.
Create, modify, and enhance Information Security procedures and provide them to the ISO for review and approval.
Execute assigned Information Security tasks in a timely manner.
Escalate observed security issues, control gaps, or deficient third parties to the ISO.
Complete user access reviews of assigned Bank systems.
Conduct clean desk reviews at Bank premises.
Conduct investigations of security incidents leveraging the Bank’s security tools.
Ensure that security incidents associated with the Bank, third parties, or Strategic Partners are documented.
Other duties as assigned.
Knowledge, Skills, and Abilities
Manage concurrent activities with tight deliverables and a strong attention to detail.
Ability to handle highly confidential information and material in a professional manner.
Ability to communicate technical information in a manner comprehensible by individuals at varying degrees of experience and skill levels.
Outstanding technical security background as well as thorough understanding of relevant risk mitigation and technical controls following industry best practices from NIST, CIS, etc.
Direct experience with controls related to Information Security as defined by the FFIEC, FDIC, GLBA, SEC, SOX, PCI-DSS.
Demonstrate and apply a thorough understanding of Third-Party Risk Management, with specific focus on cyber security, data protection, business resiliency, and other security risks associated with the use or technology (e.g.: cloud, API, IT infrastructure, external audits, BCP/DR, and operational security functions).
Ability to assess and review third-party audit evidence from Strategic Partners such as: SOC reports, Penetration Testing reports, ITGC audit reports, PCI DSS SAQ/AOC/ROC, cyber insurance policies, etc.
Ability to evaluate and present clear business and technology recommendations to assigned Strategic Partners considering threats, vulnerabilities, risks, and Bank needs.
Ability to remain aware of current security threats, trends, and topics to support the security posture of the Bank and Strategic Partners.
Self-motivation and eagerness to learn.
Excellent written and verbal communication skills.
Required Education / Experience / License
BA/BS in a related subject (or equivalent professional experience)
3+ years of experience in Information Security
1+ years of experience in the financial services industry
At least one entry-level security certification (e.g.: Security+, CCOA, SSCP, etc.)
Preferred Education / Experience / License
Master’s degree in a related subject
At least one intermediate-level security certification (e.g.: CySA+, CISA, CCSP, etc.)
At least one advanced-level security certification (e.g.: CASP+, CISM, CISSP, etc.)
Sit or stand at a computer for extended periods of time and look at a computer screen for several hours a day.
Work at an assigned FinWise office location.
Communicate with others in person, on the phone, virtual meeting, and email.
Maintain confidentiality.
Lift 20 lbs.
Maintain regular and punctual attendance.
Work overtime as assigned.
Travel overnight as required.
Work cooperatively with others.
Driving during the workday.
Comply with all company policies and procedures.
Background checks are required on all Bank employees due to the accessibility of Personally Identifiable Information.
AAP/EEO Statement FinWise is an equal opportunity employer and dedicated to diversity and inclusion in the workplace. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender identity, sexual orientation, age, marital status, pregnancy status, veteran status, or disability status.
FinWise provides reasonable accommodations to the known disabilities of individuals in compliance with the Americans with Disabilities Act. For accommodation information or if you need special accommodations to complete the application process, please contact the Human Resources Department at (801) 545 - 6041.
Qualified applicants with criminal history and conviction records will be considered in accordance with legal requirements.
Seniority level Associate
Employment type Full-time
Job function Finance and General Business
Industries Banking and Financial Services
Referrals increase your chances of interviewing at FinWise Bank by 2x
Inferred from the description for this job
Medical insurance
Vision insurance
401(k)
Paid maternity leave
Paid paternity leave
Tuition assistance
Disability insurance
Get notified when a new job is posted.
Sign in to set job alerts for “Information Security Manager” roles. Get notified when a new job is posted.
#J-18808-Ljbffr
Get AI-powered advice on this job and more exclusive features.
This range is provided by FinWise Bank. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.
Base pay range $80,000.00/yr - $100,000.00/yr
This position will be in office at our Murray, Utah location.
FinWise Bank is a commercial institution located in Murray, Utah that offers exceptional products in a manner that continually surpasses expectations. Information Security is a vital part of the Bank’s structure, and the Risk and Compliance Division supports the Bank in these efforts. The Information Security Manager will work closely with the VP, Information Security Officer (ISO) to promote Information Security standards, controls, and best practices across the Bank. This role will be responsible for monitoring the security posture of Strategic Partners, conducting due diligence reviews of third parties with access to the Bank’s sensitive data. This role will also have oversight activities of the Information Technology Division. This will be accomplished by monitoring security measures for the protection of computing networks and data delivery systems used throughout the Bank.
Tasks
Serve as the primary point of contact between the Bank and assigned Strategic Partners for all matters related to Information Security.
Provide visibility to the ISO about the security posture of assigned Strategic Partners.
Monitor that assigned Strategic Partners are providing expected oversight documentation.
Escalate all assigned Strategic Partner issues to the ISO.
Participate in annual virtual or onsite visits of assigned Strategic Partners.
Review policies, plans, procedures, security assessments, monitoring alerts, architectural diagrams, testing results, and audits from assigned Strategic Partners to ensure compliance with applicable banking regulations using a risk-based approach.
Develop strong and collaborative professional relationships with Program Management, Vendor Management, IT teams at FinWise Bank as well as counterparts at Strategic Partners.
Review and assess the security posture of third parties by evaluating submitted evidence and requesting additional documentation when appropriate.
Create, modify, and enhance Information Security procedures and provide them to the ISO for review and approval.
Execute assigned Information Security tasks in a timely manner.
Escalate observed security issues, control gaps, or deficient third parties to the ISO.
Complete user access reviews of assigned Bank systems.
Conduct clean desk reviews at Bank premises.
Conduct investigations of security incidents leveraging the Bank’s security tools.
Ensure that security incidents associated with the Bank, third parties, or Strategic Partners are documented.
Other duties as assigned.
Knowledge, Skills, and Abilities
Manage concurrent activities with tight deliverables and a strong attention to detail.
Ability to handle highly confidential information and material in a professional manner.
Ability to communicate technical information in a manner comprehensible by individuals at varying degrees of experience and skill levels.
Outstanding technical security background as well as thorough understanding of relevant risk mitigation and technical controls following industry best practices from NIST, CIS, etc.
Direct experience with controls related to Information Security as defined by the FFIEC, FDIC, GLBA, SEC, SOX, PCI-DSS.
Demonstrate and apply a thorough understanding of Third-Party Risk Management, with specific focus on cyber security, data protection, business resiliency, and other security risks associated with the use or technology (e.g.: cloud, API, IT infrastructure, external audits, BCP/DR, and operational security functions).
Ability to assess and review third-party audit evidence from Strategic Partners such as: SOC reports, Penetration Testing reports, ITGC audit reports, PCI DSS SAQ/AOC/ROC, cyber insurance policies, etc.
Ability to evaluate and present clear business and technology recommendations to assigned Strategic Partners considering threats, vulnerabilities, risks, and Bank needs.
Ability to remain aware of current security threats, trends, and topics to support the security posture of the Bank and Strategic Partners.
Self-motivation and eagerness to learn.
Excellent written and verbal communication skills.
Required Education / Experience / License
BA/BS in a related subject (or equivalent professional experience)
3+ years of experience in Information Security
1+ years of experience in the financial services industry
At least one entry-level security certification (e.g.: Security+, CCOA, SSCP, etc.)
Preferred Education / Experience / License
Master’s degree in a related subject
At least one intermediate-level security certification (e.g.: CySA+, CISA, CCSP, etc.)
At least one advanced-level security certification (e.g.: CASP+, CISM, CISSP, etc.)
Sit or stand at a computer for extended periods of time and look at a computer screen for several hours a day.
Work at an assigned FinWise office location.
Communicate with others in person, on the phone, virtual meeting, and email.
Maintain confidentiality.
Lift 20 lbs.
Maintain regular and punctual attendance.
Work overtime as assigned.
Travel overnight as required.
Work cooperatively with others.
Driving during the workday.
Comply with all company policies and procedures.
Background checks are required on all Bank employees due to the accessibility of Personally Identifiable Information.
AAP/EEO Statement FinWise is an equal opportunity employer and dedicated to diversity and inclusion in the workplace. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender identity, sexual orientation, age, marital status, pregnancy status, veteran status, or disability status.
FinWise provides reasonable accommodations to the known disabilities of individuals in compliance with the Americans with Disabilities Act. For accommodation information or if you need special accommodations to complete the application process, please contact the Human Resources Department at (801) 545 - 6041.
Qualified applicants with criminal history and conviction records will be considered in accordance with legal requirements.
Seniority level Associate
Employment type Full-time
Job function Finance and General Business
Industries Banking and Financial Services
Referrals increase your chances of interviewing at FinWise Bank by 2x
Inferred from the description for this job
Medical insurance
Vision insurance
401(k)
Paid maternity leave
Paid paternity leave
Tuition assistance
Disability insurance
Get notified when a new job is posted.
Sign in to set job alerts for “Information Security Manager” roles. Get notified when a new job is posted.
#J-18808-Ljbffr