America Data Center - Cybersecurity VP
Bank of China, U.S.A. - New York City, NY
Apply NowJob Description
Established in 1912, Bank of China is one of the largest banks in the world, with over $3 trillion in assets and a footprint that spans more than 60 countries and regions. Our long-term outlook, institutional weight and global breadth provide our clients with a stable and reliable financial partner, whether in Corporate or Personal Banking or our Trade Services, Commodities, Financial Institutions and Global Markets lines of business.The incumbent will lead the Cybersecurity management team to define the 1st lineCybersecurity management process, methodology and procedure, and oversee AmericaData Center cybersecurity related activities. S/he will also be responsible for conductinginformation security assessments, vulnerability analysis, and implementing controls toaddress information security issues. In addition, s/he will monitor and report the Bank’sinformation security status, escalating major issues to management as necessary.Include but are not limited to:Information Security/Cyber Security managementInclude but are not limited to:Information Security/Cyber Security managementConduct periodic information security/Cyber Security assessments (e.g.,information security controls, FW rules) and follow up on remediation statusIdentify, assess, monitor, report and follow up on key Information security/CyberSecurity issuesRecommend and implement IT solutions related to Information security/CyberSecurityAssist in the development and implementation of new security initiatives,including policies, processes and awareness programsInformation Security OperationManage and operate information security tools (e.g. Nessus, Websense DLP, etc.)Investigate and follow up the information security alerts generated from varioussecurity toolsOversee Privilege ID process, including the creation, access modification, andtermination within America Data CenterAssist the Department Head to manage Contingency exercises and IT incidentresponse processesRegulatory and Audit communicationAct as point of contact with Regulators and Internal/External Auditors.Assist in preparing and reviewing all requested documents fromregulators/auditors'Bachelor’s degree required in Computer Science or Risk ManagementMinimum 6 years of Information Security or Cybersecurity managementexperience within Financial Services required, auditor experience preferredDemonstrate sound understanding of IT risk and control assessmentmethodology, information security framework, as well as FFIEC Guidelines, SSAE18, SP800-53, FIPS-199, COBIT standardsDemonstrate strong communication skills, as well as operation skills ofInformation Security toolsBilingual ability in Mandarin preferredCISSP, CISA certification(s) preferredUSD $110,000.00 - USD $230,000.00 /Yr.
Created: 2024-09-07