SUMMARY
The Head of Information Security is responsible for planning, implementing and maintaining the information security program, including cybersecurity. The information security program is designed to ensure the confidentiality, integrity, and availability of the information in compliance with industry/banking regulations. This position will work closely with the Information Technology staff as well as stakeholders in other business units to manage information and cyber security risk, including risk identification and mitigation. The Information Security program involves several team members, who are responsible for ongoing risk assessment, evaluation of appropriate security controls, development and monitoring of policies and standards, security awareness and training programs, project and product development consultation, incident response program management, and proactive compliance with industry regulations related to information security.
Ensures compliance with established Company policies and procedures. Demonstrates knowledge of, adherence to, monitoring and responsibility for compliance with state and federal regulations and laws as they pertain to this position including but not limited to the following: Regulation Z (Truth in Lending Act), Regulation B (Equal Credit Opportunity Act), Home Mortgage Disclosure Act, Real Estate Settlement Procedures Act, Fair Credit Reporting Act, Bank Secrecy Act in conjunction with the USA PATRIOT Act, Anti-Money Laundering and Customer Information Program, Right to Financial Privacy Act (state and federal) and Community Reinvestment Act.
REQUIRED DUTIES
1. Partners with and influences stakeholders across the organization to achieve the goals outlined in the Information Security Program. Demonstrates strong leadership and management skills and the ability to secure results through others.
2. Develops and implements policies and procedures to ensure compliance with established regulatory guidelines to safeguard the bank’s information environment.
3. Develops and delivers information security, privacy and data loss prevention programs to include information in electronic, print and other formats.
4. Facilitates enterprise-wide training on pertinent security issues and ensures that it is appropriate and adequate.
5. Ensures the Information Security Program is appropriately designed to provide a holistic enterprise-wide perspective on reducing the overall information security risk.
6. Ensures that information created, acquired or maintained is used in accordance with its intended purpose to protect its infrastructure from external or internal threats and to ensure the organization complies with statutory and regulatory requirements regarding information access, security and privacy.
7. Implements an ongoing risk assessment program targeting information security, cybersecurity, and privacy matters; recommends methods for vulnerability detection and remediation and performs and/or oversees vulnerability testing.
8. Keeps abreast of the latest security and privacy legislation, regulations, advisories, alerts and vulnerabilities pertaining to the organization. Conducts continual research to maintain knowledge of technology, customer needs and overall requirements; stays current with advancements in technology relative to data administration, security, related services, and FFIEC Guidelines; makes recommendations to evolve information security practices and procedures to accommodate such changes.
9. Maintains advanced knowledge and awareness of financial industry technical status and trends.
10. Informs the board, management, and staff of information security and cybersecurity risks. Participates in information sharing sites (e.g., Financial Services Information Sharing and Analysis Center) on cyber threats and vulnerabilities that may affect Hanmi Bank.
11. Develops and manages information security resources or budget to maintain an effective information security program.
12. Provides a quarterly state of the Information Security Program report to the Risk Committee.
13. Monitors, maintains and adjusts the Information Security Program in light of audit findings and recommendations, changes in the internal and external landscape, relevant changes in technology, and changes in business strategy.
14. Monitors staff in daily tasks, operations and quality control.
15. Consistently applies logical decision-making techniques pertaining to inquiries, approvals and requests as they apply to existing policies and procedures, keeping within assigned approval limits and using these instances as learning tools for employee development.
16. Treats people with respect; keeps commitments; inspires the trust of others; works ethically and with integrity; upholds organizational values; accepts responsibility for own actions.
17. Demonstrates knowledge of and adherence to EEO policy; shows respect and sensitivity for cultural differences; educates others on the value of diversity; promotes working environment free of harassment of any type; builds a diverse workforce and supports affirmative action.
18. Follows policies and procedures; completes tasks correctly and on time; supports the company’s goals and values.
19. Performs the position safely, without endangering the health or safety of themselves or others, and will be expected to report potentially unsafe conditions. The employee shall comply with occupational safety and health standards and all rules, regulations and orders issued pursuant to the OSHA Act of 1970, which are applicable to one’s own actions and conduct.
20. Performs duties specific to the position and other functions as assigned.
MINIMUM REQUIREMENTS
These specifications are general guidelines based on the minimum experience normally considered essential to the satisfactory performance of this position. The requirements listed below are representative of the knowledge, skill and/or ability required to perform the position in a satisfactory manner. Individual abilities may result in some deviation from these guidelines.
Pay $150,000 - $205,000 per year. The salary reflects the full salary range for this position. Individual placement within the range is based on the candidate’s current experience, education, skills, and abilities related to the position. Successful candidates typically begin between the beginning and the mid-point of the salary range. Successful candidates may be eligible for [bonus/stock/commissions/incentives] at the Company’s sole discretion. We offer a comprehensive benefits package which includes paid sick and vacation leave; paid holidays; a medical, dental, vision, life and disability insurance package for employees and dependents; various other voluntary benefit offerings; and optional retirement accounts.
We are an Equal Opportunity Employer. All applicants will receive consideration for employment without regard to race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender identity, gender expression, genetic information, or military or Veteran status, or any other characteristic protected by law.
Full Time
Banking
$151k-186k (estimate)
05/23/2024
07/21/2024
hanmi.com
LOS ANGELES, CA
500 - 1,000
1982
Public
JUDY LEE
$5M - $10M
Banking
Hanmi is a California-based financial institution that provides banking products and services for individuals and businesses.