Information Security Officer

• Bachelor's degree in a related business field or 4 years of related experience
• 7 years' experience in Information Security or Data Security
• 5 years' management experience
• 3 years' business continuity planning experience
• Extensive knowledge of security technologies, processes, and controls
• Experience developing, implementing and enforcing information security standards and procedures
• Experience in vendor contract management
• Proficient in Microsoft Office Suite to include Word, Excel, Outlook, PowerPoint, Teams
• Developed cognitive skills to include Organization & Planning, Decision-Making, Judgement, Problem Solving, Analytical
• Developed intrapersonal skills to include Follow-Through, Resourcefulness, Tenacity, Initiative, Development
• Developed interpersonal skills to include Collaboration, Client Focus, Influence, Versatility, Communication: Listening, Speaking, and Writing
• Developed technology skills to include Technical Acumen, Project Management, Knowledge Management, Social Branding
• Developed leadership skills to include Coaching & Development, Achieving Results, Relationship Management, Leading Teams, Addressing Conflict, Business Acumen, Strategic Thinking

• Certified Information Security Manager (CISM), Certified Risk and Information Systems Control (CRISC) or equivalent experience
• 5 years of experience in a banking environment

Data Security

• Manage risks related to data security and report results to the Board of Directors and executive management
• Collaborate with IT to identify threats and vulnerabilities. Determine risk and recommend control strategies
• Conduct monitoring of compliance with the information security program and effectiveness of controls. Document and report all test results
• Oversee and conduct data security risk management activities (risk assessment, gap analysis, business impact analysis, etc.) to ensure the enterprise reaches an acceptable level of risk
• Advise and make recommendations regarding appropriate personnel, physical and technical data security controls
• Manage the information security incident management program to ensure the prevention, detection, containment, and correction of security breaches
• Participate in resolving problems with security violations
• Conduct security monitoring and testing
• Gather documentation for audits and examinations. Manage remediation efforts for data security department audit recommendations
• Maintain data security policies and train staff on appropriate policies
• Conduct audits and risk assessments and summarizes findings
• Review and evaluate internal operations and controls
• Oversee the migration of non-compliant environments to compliant environments
• Ensure compliance with data protection guidelines and applicable laws
• Stay current on the latest information security standards and best practices.
• Participate in Privacy compliance. Revise Privacy Notices in response to new regulations or business needs

Vendor Management

• Oversee the third-party/vendor management program
• Follow established vendor management processes and frameworks to onboard, nurture, and support vendor relationships, control costs, manage risks and maximize service efficiency
• Review contracts, due diligence, and track expiration and renewal dates
• Coordinate with vendors and internal stakeholders to identify, address, and resolve problems or operational inefficiencies
• Work closely with internal teams to monitor, maintain, and improve existing vendor relationships
• Conduct regular business reviews to ensure compliance with company expectations, review issues, and develop solutions

Business Continuity

• Oversee Business Continuity Planning.
• Gather information from managers on business processes and annual Business Continuity testing and monitor testing
• Establish a framework and methodology to manage all business continuity life cycle activities, including risk assessment, business impact analysis, strategy development, implementation, testing and review, plan maintenance and updates
• Lead periodic review, validation, and workflow testing of documented business continuity plans
• Develop and implement organization-wide communications

General

• Management duties to include: timecard reviews/approvals, setting work schedules/managing overtime, participating in the hiring process for direct report openings, fostering professional development of direct reports, conducting mid-year and annual performance evaluations, coaching associates through the disciplinary process and ensuring team adherence to company policies and procedures
• Consistently exemplifies our Core Values of Integrity, Community, Dependability, Excellence, Longevity, and Accountability
• Complies with regulatory rules and regulations evidenced through successful completion of training and demonstrated ability
• Performs other duties and/or special projects as appointed by management
• Physical Requirements: primarily sitting with some standing, walking, lifting and bending

Fidelity Bank is an Equal Opportunity Employer/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, pregnancy, genetic information, disability, status as a protected veteran, or any other protected category under applicable federal, state, and local laws. Fidelity promotes a drug free workplace.

If you require an accommodation to submit your application for an open position, please send an email request to talentmanagement@bankwithfidelity.com. All information provided will be kept confidential and will only be used to the extent required to provide the needed reasonable accommodation.

For assistance or questions regarding the recruitment process, please email talentmanagement@bankwithfidelity.com.

This position is located in Metairie, LA, 70002.