Amalgamated Bank seeks a dedicated Chief Information Security Officer to be r esponsible for designing and implementing the Bank's Information Security program while protecting the business from cyber security threats. This is a hybrid role reporting to our NYC headquarters.
By joining our team, you'll be joining a Bank that believes that maintaining a diverse and inclusive workplace where everyone feels valued and respected is essential for us to grow as a company. We are dedicated to building a more equitable world in our everyday practices by embracing the values of our employees and customers.
Essential Job Functions:
Develop and maintain an Enterprise Information Security Program
Design a critical response process for Cyber Security incidents
Identify, report and control Cyber Security incidents
Manage and train Information Security staff and develop and deliver Information Security training to the Bank's employees
Continuously monitor threats to the Bank's operating environment
Approve and administer identity access policies
Maintain a current understanding of the IT and Cyber Security threat landscape for the industry
Ensure Bank compliance with relevant Information Security laws and applicable regulations
Lead, and assess the results of periodic security tests, including internal and external penetration testing and phishing
Schedule table-top exercises for Crisis Team and senior management and report findings to management, including implementation of recommendations
Review and approve Information Security policies, procedures and controls
Ensure that they are kept current and are communicated to staff/consultants
Ensure staff/vendor compliance with the Bank's security policies and procedures
Manage a team of employees, contractors and vendors involved in Information Security
Brief the Executive Team on status and risks, overall strategy and necessary budget
Communicate best practices and risks to the Bank
Perform a risk assessment of the Bank's vulnerabilities in the Cybersecurity landscape and develop the Bank's risk appetite for Information Security
Develop Key Risk Indicators (KRIs) and dashboard metrics reporting to both the Management Team and the Board of Directors
Establish strong working relationships with the Heads of IT and business lines
Develop and present quarterly reports to the Board of Directors.
Knowledge, Skills and Experience Requirements:
Master's degree or equivalent experience
Minimum of ten (10) years of experience, at least five (5) years focused on managing information security in a complex, matrixed environment
Extensive experience in regulated industries, especially financial services; banking experience is preferred
Proven ability to create and maintain enterprise-level information security programs
Motivated individual with strong analytical, problem solving and root cause analysis skills
Ability to work on multiple, time-critical projects simultaneously
Knowledge of Data Privacy Laws
Working knowledge of information security engineering concepts and principles
Familiarity with DFS 500 and similar regulations
Experience working with external regulators, including NY DFS and FDIC
Excellent verbal and written communications, including presentation of complex data in easily, understood ways
Ability to confidently interact at multiple levels in the organization and lead cross-departmental team projects
Experience presenting to senior levels, including Board of Directors
CISSP, CISA or CISM designations preferred
Our job titles may span more than one career level. The starting base salary for this role is between $240,000.00 - $260,000.00. The actual base pay is dependent upon many factors, such as: training, transferrable skills, work experience, business needs and market demands. The base pay range is subject to change and may be modified in the future.
Amalgamated Bank is an Equal Opportunity and Affirmative Action Employer, Minorities / Females / Individuals with Disability / Veterans . (https://www.eeoc.gov/sites/default/files/migrated\files/employers/poster\screen\reader\optimized.pdf) AmeriCorps, Peace Corps and other national service alumni are encouraged to apply. View our Pay Transparency Statement (https://www.amalgamatedbank.com/sites/default/files/pay-transparency.pdf) . Submission of a resume or any information regarding your qualifications does not constitute a promise or offer of employment. At Amalgamated Bank, we consider an applicant to be someone who has interviewed at least once, in person, with the hiring manager. Amalgamated Bank does not sponsor applicants for work visas.
Hybrid Work Model
Effective February 18, 2025, employees in office-based positions will be working a Hybrid work schedule consisting of three days or more, on-site per week, Monday - Thursday, although the specific days may vary by site or organization, with Friday designated as a remote-working day, unless business critical tasks require an on-site presence. This Hybrid work model does not apply to, and daily in-person attendance is required for, the contact center, branch service roles, and general services where the work to be performed is located at a Company site; positions covered by a collective-bargaining agreement (unless the agreement provides for hybrid work); or any other position for which the Company has determined the job requirements cannot be reasonably met working remotely. Please note, this Hybrid work model guidance does not apply to roles that have been designated as "remote".
Search Firm Representatives- Please Read Carefully
Amalgamated Bank does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for the position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails.
