CTC

Charlotte North Carolina United States

No

Job Description:
Position: Standards Coordinator -Information Security Specialist
Location: Hybrid - 2 days/week in office- Cherry Hill, NJ or Charlotte, NC
Duration: Contract to Hire

Position Overview: Responsible for defining, developing, and implementing Technology Controls and Information Security policies and programs. This role involves providing expert guidance on risk assessments, identifying security gaps, and implementing solutions to protect the Bank. The position may also involve participating in moderately to highly complex projects and delivering in-depth reporting, analysis, and assessments at both functional and enterprise levels.

Key Responsibilities:

Customer Focus:

• Provide expert consultation and advice on a wide range of Technology Controls and Information Security policies, standards, and incidents within your area of specialization.
• Offer project consulting services, including risk assessments, defining necessary controls, evaluating the effectiveness of control procedures, and conducting vulnerability assessments.
• Lead or contribute to risk and control design assessments for application portfolios, documenting the impact of control gaps on the business, and developing remediation strategies.
• Support the development and oversight of a global security management strategy and framework.
• Ensure that technology, processes, and governance are in place to monitor, detect, prevent, and respond to both current and emerging security threats.
• Develop ongoing Technology Risk reporting, monitor key trends, and define metrics to measure control effectiveness within your area.
• Collaborate with technology partners, stakeholders, and service/platform owners to integrate all security components into the Bank's overall Enterprise Architecture, addressing any control gaps.
• Consult on regulatory compliance requirements, reporting, and related inquiries.
• Provide support and consulting during audits, including preparing management responses and designing appropriate remediation activities.
• Participate in computer security incident responses relevant to business or enterprise-wide incidents, representing the business's needs to the incident response team.

Shareholder Focus:

• Adhere to internal policies, technology control standards, and applicable regulatory guidelines.
• Contribute to reviewing internal processes, identifying opportunities for improvement.
• Oversee and enforce enterprise frameworks and methodologies related to technology controls and information security activities.
• Influence behaviors to reduce risk and promote a strong risk management culture across the enterprise.
• Stay informed of emerging issues, industry trends, and regulatory changes, assessing their potential impact on the Bank.
• Develop, implement, and manage standards, policies, and solutions that mitigate risk while maximizing security, service availability, and operational efficiency.
• Maintain strong relationships with other areas of Technology, business units, and control functions to ensure alignment with enterprise and regulatory requirements.
• Assess and escalate key issues to appropriate levels and stakeholders as necessary.
• Foster a culture of risk management and control, supported by effective processes and infrastructure in alignment with the Bank's risk appetite.
• Participate as a subject matter expert in business-specific, cross-functional, or enterprise initiatives, providing guidance and identifying risks.
• Contribute to complex reporting, analysis, and assessments at the functional or enterprise level.

Employee Focus:

• Continuously enhance knowledge and expertise in your area.
• Stay updated on emerging trends and developments while expanding your understanding of the business, analytical tools, and techniques.
• Prioritize and manage your workload to deliver quality results within assigned timelines.
• Support a positive work environment that promotes business service, quality, innovation, and teamwork, ensuring timely communication of issues.
• Identify and recommend opportunities to enhance productivity, effectiveness, and operational efficiency.
• Build effective relationships across multiple business and technology partners, program managers, and project managers.
• Participate in knowledge transfer within the team and business units.

Breadth & Depth:

• Possess expert knowledge of IT security, risk disciplines, and practices.
• Demonstrate advanced knowledge of organizational, technology control, security, and risk issues.
• Participate in complex or large projects and initiatives.
• Serve as a lead expert resource in technology controls and information security for project teams, business units, and external vendors.