Director of IT Risk and Compliance

Primary Office Location: 30 Isabella Street. Pittsburgh, Pennsylvania. 15212. Join our team. Make a difference - for us and for your future. Position Title: Director of Information Technology Risk and Compliance Business Unit: Risk Management Reports to: Chief Information Security Officer Position Overview: This position is primarily responsible for leading, developing and maintaining the IT Risk and Compliance management strategy. The incumbent develops and maintains policy, standards, processes and procedures to assess, monitor, report, escalate and remediate issues, works collaboratively with Lines of Business (LOB) partners in the design and implementation of IT compliance practices, advises senior management on appropriate mitigation strategies and approaches and coordinates the IT component of both internal and external audits, federal and state examinations. Primary Responsibilities: Monitors Information Technology security intelligence and keeps abreast of pertinent risks, events, research and developments. Acts as the Information Security liaison for Audit and Examiner requests. Participates in the development and maintenance of the information security procedures and awareness program. Conducts regular security audits, analysis and assessments per security policy. Proactively provide security and risk related feedback on project designs, operational processes and procedures. Oversees maintenance and governance of the Information Security Program, including the drafting and finalization of Information Security Policies, Procedures, Standards and reporting. Oversees and performs vendor due diligence processing, coordination, and documentation by evaluating vendor compliance with organizational standards and regulatory requirements. This includes conducting risk assessments, collecting and analyzing vendor information, maintaining accurate records, and ensuring timely follow-up on any outstanding issues. Provides information security training and employee awareness content. Manages records management program by developing and implementing policies and procedures for the systematic organization, retention, and disposal of records. Ensures compliance with legal and regulatory requirements, conducts regular audits, and provides training to staff on best practices for record keeping. Oversees security architecture and disaster recovery. Will ensure the security architecture and disaster recovery testing functions operate efficiently, effectively and complete results timely. Will ensure KPIs and KRIs are met. Performs other related duties and projects as assigned. All employees have the responsibility and the accountability to serve as risk managers for their businesses by understanding, reporting, responding to, managing and monitoring the risk they encounter daily as required by F.N.B. Corporation's risk management program. F.N.B. Corporation is committed to achieving superior levels of compliance by adhering to regulatory laws and guidelines. Compliance with regulatory laws and company procedures is a required component of all position descriptions. Minimum Level of Education Required to Perform the Primary Responsibilities of this Position: BA or BS Minimum # of Years of Job Related Experience Required to Perform the Primary Responsibilities of this Position: 10 Skills Required to Perform the Primary Responsibilities of this Position: Excellent communication skills, both written and verbal Excellent customer service skills Excellent project management skills Detail-oriented Strong security background in network/systems/physical security, authentication, authorization and usability Comprehensive knowledge of OSI, NIST CSF, AICPA SOC Reports and COBIT Strong technical problem solving Licensures/Certifications Required to Perform the Primary Responsibilities of this Position: CISSP, Security+, Network+, GCIA, GCIH Physical Requirements or Work Conditions Beyond Traditional Office Work: Heavy lifting over 45 pounds Equal Employment Opportunity (EEO): It is the policy of FNB not to discriminate against any employee or applicant for employment because of his or her race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, or status as a protected veteran. FNB provides all applicants and employees a discrimination and harassment free workplace.

Created: 2024-11-09