Information Security Officer
Company: WaFd Bank
Posted on: May 27, 2023
The Information Security Officer (ISO) is responsible for
developing and implementing a comprehensive information security
program for the organization. The ISO is responsible for
identifying, evaluating, and mitigating information security risks
to the organization, while ensuring that security policies and
procedures comply with applicable laws and regulations.
Along with the key functions listed below, this position will be
expected to uphold the value that WaFd Bank places on simply being
nice when servicing our co-workers and clients.
ESSENTIAL DUTIES AND RESPONSIBILITIES include the following.
Other duties may be assigned:
- Develop and implement an information security strategy and
program that is aligned with the organization's business objectives
- Identify, evaluate, and help mitigate information security
risks to the organization, including risks associated with the use,
processing, storage, and transmission of confidential
- Develop and maintain information security policies, standards,
procedures, and guidelines, and ensure that they are regularly
reviewed and updated to reflect changes in the threat landscape and
regulatory requirements. Develop and manage an information security
roadmap, to ensure that investments in security technology and
services are aligned with the organization's risk management
- Conduct regular information security risk assessments in
accordance with FFIEC and GLBA expectations.
- Oversee, monitor, and provide guidance with the implementation
and operations of business and technical systems to ensure
reasonable information security practices, standards, and policies
- Develop and implement security awareness and training programs
for all colleagues and contractors.
- Establish and maintain effective relationships with internal
stakeholders, external partners, and regulatory agencies, and
communicate information security risks and issues to the executive
team and board of directors.
- Provide regular reporting on the status of the information
security program to enterprise risk teams, senior business leaders,
and the board of directors as part of a strategic enterprise risk
- Develop and maintain an incident response plan and lead the
organization's response to information security incidents,
including conducting post-incident reviews and developing and
implementing remediation plans.
- Actively participate in third party risk management reviews to
ensure information security requirements are appropriately being
- Develop, implement, and maintain the company's business
resiliency program and associated activities.
- Partner with various business units to ensure that all
information owned, collected, or controlled by, or on behalf of,
the company is processed and stored in accordance with applicable
laws and other global regulatory requirements.
- Stay up to date with the latest information security threats,
vulnerabilities, and trends, and provide guidance to the
organization on how to respond to emerging threats and risks.
- Minimum of five years' experience within risk management,
information security, or information technology leadership
- Excellent written and verbal communication skills,
interpersonal and collaborative skills, and the ability to
communicate information security and risk-related concepts to
technical and nontechnical audiences at various hierarchical
levels, ranging from board members to technical
- Proven track record and experience in developing information
security policies and procedures, as well as successfully executing
programs that meet or exceed objectives in a dynamic business
- High level of personal integrity, as well as the ability to
professionally handle confidential matters and show an appropriate
level of judgment and maturity.
- Sound knowledge of business management, information security
risk management, and cybersecurity technologies.
- Knowledge and understanding of relevant legal and regulatory
expectations, such as FFIEC Guidelines, Section 404 of the
Sarbanes-Oxley Act, and the Gramm-Leach-Bliley Act (GLBA)
- Strong knowledge of information security frameworks, such as
ISO 27001, NIST CSF, and COBIT.
- Certified Information Systems Security Professional (CISSP),
Certified Information Security Manager (CISM), or other relevant
At WaFd Bank you get all of these great benefits!
- Paid time off for vacation, sick days and holidays
- Health insurance
- Stock options
- Bonus programs
- Generous 7% 401(k) employer matching*
- Paid Parental Leave
- Life and AD&D insurance
- Long-term disability
- Tuition Reimbursement
- Employee assistance programs
- Pre-tax health and dependent-care spending plans
Equal Opportunity Employer Minorities/Women/Protected
We are committed to Equal Employment Opportunity and Affirmative
Action. We recruit, hire, train and promote persons in all job
titles and ensure that all other personnel actions are administered
without regard to race, religion, color, national origin,
citizenship, sex, sexual orientation, gender identity, age, veteran
status, disability, genetic information, or any other protected
characteristic. WaFd Bank is committed to providing reasonable
accommodations to employees and applicants with disabilities to the
full extent required by the Americans with Disabilities Act (ADA).
If you feel you need a reasonable accommodation pursuant to the
ADA, you are encouraged to contact us at 800.324.9375.
Requisition Post Information*: Posted Date 4/21/2023
Keywords: WaFd Bank, Seattle, Information Security Officer, Other, Seattle, Washington