Manager, IT Security Risk & Controls

Under the direction of the Manager, responsible for the maintenance of the Information Security governance, risk, and compliance program and related policies. This position will lead and manage the design, build and identification of information security risks, improvement of information security awareness through education and training, and management of the Information Security and ID Theft program. Provides subject matter expertise in area of risk management methodology, security awareness, information technology (IT) controls management, and compliance management; seeking ways to continuously improve function to ensure strong security posture. Assists in business units' compliance with applicable laws, regulations, regulatory requirements and Bank policies and procedures, including but not limited to those related to Gramm-Leach-Bliley, Fair Banking, Anti-Money Laundering laws and regulations, Bank Secrecy Act, and USA PATRIOT Act.

IT Risk Management

• Leads and manages the information security risk management program, ensuring the identification, tracking, and timely remediation of information security related risk issues.

• Serves as the lead central point of contact and subject matter expert in area of information security risk management methodology and practice. Works closely with bank business units to ensure management of information security risk issues, including operation and vendor risk associated with acquisition of new technologies.

• Drives operational excellence by establishing and maintaining procedures, standards, and operational workflows, seeking continuous improvement opportunities, and ensuring effective management reporting. Oversees planning and recommendations of changes based on new or changing business requirements or evolving technology.

• Leads and manages information security and corporate technology governance program, ensuring policies and applicable procedures are complete and comprehensive, that new governance requirements are addressed, and that governance is kept up-to-date.

• Leads IT controls and compliance functions. Ensures coordination of annual internal audits, cybersecurity tabletop exercises, regulatory examinations, and alignment with Corporate Compliance function. Supervises team members to ensure adherence to corporate policy, regulatory requirements, and accepted best practices.

• Manages the security awareness program, ensuring that all employees and contractors understand the bank's information security program and policies. Meets with business units and information security coordinators to ensure specific business needs are understood and addressed. Administers testing and remediation tracking as needed.

Leadership

• Responsible for the management of all employees in the section including staffing and scheduling, compensation, performance management, training and development. Responsible for the timely and effective management of Human Resources forms and documents relevant to immediate staff. Leads the team by inspiring engagement and increasing the capabilities of others to optimize business results.

• Actively mentor and train teammates on Information Security processes, governance, and frameworks.

• Works cross-functionally with team members to support and drive a collaborative team environment.

• Generates innovative ideas and challenge the status quo.

• Establishes team goals and works with direct reports on strategies for executing and measuring process.

Subject Matter Expertise

• Maintains a strong understanding of the products, services, and activities of business units as well as Information Security principles and practices. Leverages that understanding to provide consulting, guidance, and education to stakeholders.

• Understands regulatory requirements related to BOH's portfolio, and represents IT risk management during internal, customer, or regulatory audits/assessments.

• Assists in the selection and tailoring of approaches, methods and tools to support service offering or industry projects.

• Demonstrates a general knowledge of market trends, competitor activities, as they align with BOH's strategic direction.

• Builds and nurtures positive working relationships across the bank with the intention of enabling agility, cost effectiveness and delivery as they support our customer experience goals and initiatives.

Miscellaneous

• Performs other miscellaneous responsibilities and duties as assigned.

This position requires use of a personal computer and other standard office equipment.

Skills

Third party risk, Risk management, Security, Compliance, Risk assessment

Additional Skills & Qualifications:

1. Education:

2. Bachelor's degree from an accredited institution or equivalent work related experience.

3. Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and/or Certified Information Security Auditor (CISA), Certified Ethical Hacker (CEH), Project Management Professional (PMP), and/or SANS Global Information Assurance Certification (GIAC) certifications (or equivalent) preferred.

4. Experience:

5. Minimum 7 to 8 years of increasingly responsible positions in information security/ information technology, risk management, IT control design and management, and/or financial services compliance-related work experience with all levels of technical professionals and management.

6. Minimum 4 years of team leadership/supervisory/management experience supervising and mentoring technical professionals.

7. Ability to problem solve and identify solutions to information security risks appropriately based on business context and risk significance.

8. Experience in developing new risk and/or compliance and auditing management functions and capabilities within large, complex environments.

9. Proven track record of cross-functional collaboration, especially in building a security-first culture focused on enabling business needs.

10. Technical Skills:

11. Demonstrated proficiency and expertise with personal computers in a networked environment and Microsoft applications (Outlook, Word, Excel, Access, and PowerPoint) or similar software. Knowledge of or ability to use Bank software and systems.

12. Other Job Qualifications:

13. Utilize strong verbal and written communication skills across all levels of the organization.

14. Ability to express complex ideas in concise and simple terms.

15. Strong project management and organizational skills required to execute and complete projects on time. Ability to simultaneously manage multiple projects and assignments with varying deadlines

Experience Level

Expert

About TEKsystems:

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.