AVP, Information Security Operations - (887)

We are a bank that strives to be the premier financial partner to our customers in our market segment, and to assist our customers in reaching their financial goals and dreams. We have Integrity in everything we do. We have strategic, effective leadership that inspires everyone around us. We hire exceptional employees who are the most important asset to drive our success. We provide extraordinary service to our customers, both internally and externally.
We are celebrating our 55th anniversary in April of this year, as the first Chinese-American bank in Southern California to now a full-service bank covering nine states and having overseas presence in Asia.
We are CATHAY BANK - www.cathaybank.com
This position is responsible for oversight of the daily information security operations of the bank to include monitoring, user entitlements, user access review, software patching, audit, vulnerability and risk assessments, review of controls and update policies, standards and procedures. Position is responsible for auditing the Bank's network and network based / accessible systems and data and to secure it in accordance with bank, IT and IS policies.
Monitors compliance with security programs and protocols across all applicable endpoints, servers and network equipment.
Assists in establishing procedures and policies for the IS analysts to assure complete and uninterrupted monitoring and reporting of all information security related activities appropriate to an institution of the Bank's size and complexity.
Assures appropriate documentation of monitoring, scanning, and audit efforts and results; reports activities to appropriate management and Board committees as required by policy.
Assists in the Banks' periodic risk assessments of informational assets and related threats and controls in a manner consistent with regulatory expectations and guidelines.
Participates in the development of information security policies and procedures as they apply to Bank informational assets, networks and equipment.
Reports security violations to appropriate management and assists with incident response under the direction of the ISO and assures adequate documentation of all information security incidents and related incident responses. Acts as a liaison between Information Security and employees impacted by such security incidents.
Assists in establishing, planning and administering overall policies and goals for the system security requirements and baseline configurations.
Participates in efforts to remediate audit and regulatory findings and recommendations.
Gathers and analyzes performance and compliance data/metrics related to the Bank's information security and information risk management standards.
Minimum qualifications/requirements:
Education: College degree in Information Technology or Information Security or equivalent. CISSP or similar security certifications. CISA, CEH or similar forensic, incident handling certifications. Cisco, Microsoft and similar network and system certifications beneficial.
Experience: 5-7 years minimum of experience working as an information security analyst or in IT audit, preferably within the financial services industry.
Skills/Ability: Proven ability to initiate and manage projects that will affect other departments and functions, as well as the corporate environment; excellent verbal and written communication skills; knowledge of information security reference points within contracts; high analytical, research and interpersonal skills, must be on call 24/7 and available to respond to banking emergencies.
It is the individual responsibility of every employee to maintain a current awareness and understanding of appropriate banking laws, regulations, internal policies and procedures, and to comply fully with those laws, regulations, policies and procedures. From time to time, employees may be assigned tasks or duties as deemed appropriate by their supervisors. The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed, as an exhaustive list of all responsibility, duties and skills required of personnel so classified.

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.

More Jobs

Security Operator, Physical Threat Assessment ...
Irvine, CA Blizzard Entertainment, Inc.