You haven't searched anything yet.
POSITION PURPOSE
As the Information Security Incident Manager, you will be at the forefront of our cyber defense strategies. This role
involves overseeing incident response and ensuring the bank remains proactive against emerging threats. This
candidate will be responsible for developing and implementing a comprehensive strategy for information security
incident response operations. The successful candidate demonstrates strong knowledge of technology risk
management, experience with the information security controls, communicates well, is trustworthy in confidential
matters, maintains credibility with stakeholders, and his/her capabilities and energies to meet business objectives.
This role is expected to have a thorough understanding of complex IT systems and stay up to date with the latest
security standards, systems, and authentication protocols, as well as best practice security products. This person
will work closely with key stakeholders to ensure the proper information security controls are in place to minimize
risk and ensure compliance with Information Security Policy, Standards and Controls, FFIEC, NIST, CIS Security
Standards, Data Privacy regulations and the Payment Card Industry – Data Security Standards (PCI-DSS).
This position will report directly to the Vice President of Architecture and Security Operations.
ESSENTIAL DUTIES AND FUNCTIONS
1. Incident Response:
• Mature the Tier 2 function within the Security Operations Center (SOC)
• Lead and mentor the incident response team in detecting, investigating, and mitigating security
incidents.
• Develop and refine incident response plans and procedures.
• Collaborate with other departments during incidents to ensure timely communication and
appropriate response.
• Conduct post-incident analysis to identify root causes and lessons learned, and drive process
improvements.
2. Strategic Leadership:
• Develop and implement a comprehensive strategy for information security incident response.
• In tandem with the Security Awareness team, foster a culture of security awareness across the Bank.
• Partner with senior leadership to align security priorities with business objectives.
3. Reporting & Communication:
• Provide regular updates on the security posture of the Bank to senior management.
• Engage with industry partners, law enforcement agencies, and other external entities as necessary.
• Ensure all regulatory reporting obligations related to security incidents are met.
4. Continuous Learning
• Encourage the team to stay updated with the latest cybersecurity trends, tools, and practices.
• Invest in training and certifications to enhance team capabilities.
• All other duties as assigned.
____________________________________________________________________________________
QUALIFICATIONS
• Minimum of 5 years in information security, with at least 3 years in a management role.
• Proven track record in managing incident response activities.
• Strong understanding of cloud and network security architecture and design.
• Knowledge of application, database, and web server secure design and implementation.
• Proven ability to effectively analyze and develop options that balance business needs with information
security threats.
• Advanced trouble-shooting and subject matter expertise with information security and technology tools.
• Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals.
• Experience developing and implementing security policies and/or standards.
• Excellent working knowledge of operating systems and related applications.
• Solid understanding of security protocols, cryptography, authentication, authorization, and security.
• Ability to research, analyze and resolve complex problems with minimal supervision and escalate issues as
appropriate.
• Strong analytical skills.
• Excellent communication and presentation skills.
• Able to work independently and be a self-starter, managing multiple tasks according to priorities, and results
oriented and proven ability to meet deadlines.
• Understanding of qualitative vs. quantitative risk management and inherent vs. residual risk to properly
determine, evaluate, and report on technology risk levels.
• Experience with data and analytics.
• Experience with dashboards and data visualization tools.
• Demonstrate working knowledge of industry standards (NIST CSF, NIST-800-53, CIS, PCI-DSS, ITIL).
• Building and managing relationships at all levels within the organization.
• Strong understanding of banking regulations and compliance requirements related to information security.
• Banking or Financial services industry highly preferred.
• Bachelor’s degree in computer science, Information Systems, or a related field. Advanced degrees preferred.
• Relevant certifications such as CISSP, CISM, CISA, or equivalent are highly desirable.
Full Time
$113k-141k (estimate)
04/28/2024
05/11/2024
prosperitybankusa.com
LUBBOCK, TX
3,000 - 7,500
1983
DAVID ZALMAN
$1B - $3B
Banking
At Prosperity Bank, we believe in a community banking philosophy where personal relationships and great experiences go hand-in-hand. We provide convenient technology options that our customers expect all backed by the highest level of security. At every touch point, youll find knowledgeable associates ready to serve our customers with accuracy and a smile time and time again. Prosperity provides personal banking services and investments to consumers and small to medium sized businesses throughout Texas and Oklahoma. Founded in 1983, Prosperity ranks among the top 100 U.S. banks in assets.