Virtual Information Security Officer: VISO

Remote, Not Specified


Employer: Jack Henry & Associates
Industry: Information Technology
Salary: $102000 - $152000 per year
Job type: Full-Time

At Jack Henry, we deliver technology solutions that are digitally transforming and empowering community banks and credit unions to provide enhanced and streamlined user experiences to their customers and members. Our best-in-class products are just the start as we lay the groundwork for the future of digital banking and payments. We hope you'll join us. We can't do it without you.

The Virtual Information Security Officer will be joining our Gladiator Governance, Risk, and Compliance Services (GRC) team that is responsible for risk assessment, policy management, vendor management, and business continuity management within a GRC platform - OnSpring. In this role, you will be performing technology-based asset risk assessments, control validations, and third-party/vendor risk assessments. You will also lead ongoing compliance meetings with clients. The ideal candidate will have expert knowledge of regulatory requirements and industry standards (including the FFIEC Handbook and NIST frameworks) and industry trends for financial institutions, along with outstanding communication and project management skills.

This position can be based to work out of any Jack Henry office or remotely from any US location. The target salary range for this position is $102-152k, based on location and experience.

What you'll be responsible for:

• Provide risk and compliance consulting services to financial institutions, including but not limited to:
• IT audit support.
• IT risk assessment.
• Vendor management/third party risk assessment management.
• Regulatory compliance consulting service engagements focused on initial and ongoing management of information technology (IT) and information security.
• Onsite security review/evaluation services for IT Risk Assessment.
• Ongoing compliance management.
• Information security/cyber control assessment and validation.
• Virtual CISO services.
• Information Security Officer Advisory.
• Data Classification.
• Internal and external communications regarding IT, security, and compliance.
• Presentation to client and internal IT Steering Committees.
• Compliance guidance and support for Internal Operations.
• Third party risk management due diligence activities on behalf of clients.
• Ongoing education on FFIEC, FDIC, OCC, FRB, NCUA, SEC, SOX, GLBA and other regulatory agency guidance.
• Obtain and maintain current industry-related compliance certifications and memberships.
• Maintain detailed written documentation on all customer engagement/projects, including consulting services, training provided, client needs, meetings held, requests and/or issues, time tracking.

• May perform other job duties as assigned.

What you'll need to have:

• A minimum of 10 years of combined experience in information security, auditing, third party risk management (TPRM), and/or Governance, Risk, & Compliance.
• A minimum of 5 years within the financial industry.
• Project management experience.
• Expertise in regulatory requirements and industry trends for financial institutions, including one or more of the following: FFIEC, NIST, COBIT.
• Certifications: Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified in the Governance of Enterprise IT (CGEIT), Certified Information Systems Security Professional (CISSP), or ability to obtain within six months of employment.
• Ability to effectively manage multiple projects.
• Outstanding written and verbal communications skills.
• Ability to travel up to 10% to attend meetings, trainings, and/or professional conferences.

What would be nice for you to have:

• Bachelor's degree in IT, Computer Science, MIS, or Business.
• Experience working within a Managed Service Provider (MSP) environment.
• Background as an examiner or auditor.
• Background in information security and regulatory compliance consulting.

If you got this far, we hope you're feeling excited about this opportunity. Even if you don't feel you meet every single requirement on this posting, we still encourage you to apply. We're eager to meet motivated people who align with Jack Henry's mission and can contribute to our company in a variety of ways.

Why Jack Henry?

At Jack Henry, we pride ourselves on our motto, "Do the right thing, do whatever it takes, and have fun." We recognize the value of our associates and believe much of our company's strength and success depends on their well-being.

We demonstrate our commitment by offering outstanding benefit programs to ensure the physical, mental & financial wellbeing of our people is always met.

Culture of Commitment

Ask our associates why they love Jack Henry, and many will tell you it is because our culture is exceptional. We do great things together. Rising to meet challenges and seeking opportunities is part of who we are as an organization. Our culture has helped us stay strong through challenging times and we credit our dedicated associates for our success. Visit our Corporate Responsibility site to learn more about our culture and commitment to our people, customers, community, environment, and shareholders.

Equal Employment Opportunity

At Jack Henry, we know we are better together. We value, respect, and protect the uniqueness each of us brings. Innovation flourishes by including all voices and makes our business, and our society, stronger. Jack Henry is an equal opportunity employer and we are committed to providing equal opportunity in all of our employment practices, including selection, hiring, performance management, promotion, transfer, compensation, benefits, education, training, social, and recreational activities to all persons regardless of race, religious creed, color, national origin, ancestry, physical disability, mental disability, genetic information, pregnancy, marital status, sex, gender, gender identity, gender expression, age, sexual orientation, and military and veteran status, or any other protected status protected by local, state or federal law.

No one will be subject to, and Jack Henry prohibits, any form of discipline, reprisal, intimidation, or retaliation for good faith reports or complaints of incidents of discrimination of any kind, pursuing any discrimination claim, or cooperating in related investigations.

The full corporate job description may be requested through the interview process at any time.

Created: 2024-05-17
Reference: 14614
Country: United States
State: Not Specified
City: Remote