Overview
On Site
Full Time
Skills
Physical Security
Policies and Procedures
Leadership
Finance
Law Enforcement
FBI
Test Plans
Social Engineering
Incident Management
Documentation
Financial Services
Cyber Security
Business Continuity Planning
Banking
Budget
Collaboration
Network Design
Legal
Research
Fraud
Supervision
Filing
Training
Communication
Analytical Skill
Microsoft Office
Internet
Management
Computer Science
Information Technology
CISM
Information Security
Job Details
SUMMARY OBJECTIVE:
The Security and Fraud Officer provides the leadership and strategies necessary to protect physical security and information security from a second-line perspective of AmeriServ Financial, Inc. and all affiliate entities. The Security and Fraud Officer will manage policy, procedure, and process to ensure the execution of the Company's Corporate Security and Information Security Programs.
ESSENTIAL FUNCTIONS:
1. Provides the leadership and strategies necessary to protect the security, both physical and information, of AmeriServ Financial, Inc. and all affiliate entities.
2. Manages the execution of the Company's Corporate Security and Information Security Programs.
3. Chairs the following key Committees: Information Security Committee, Fraud Committee, Information Security Steering Committee, and Incident Response Team.
4. Act as the contact person for Information Security issues with law enforcement and oversight agencies, including local police, State Police, FBI, Secret Service, Federal Reserve Bank, and others.
5. Prepares and executes a robust employee information security education and testing plan, including phishing and social engineering tests.
6. Develops, maintains, and exercises incident response plans. Keeps informed of Information Security incidents and act as primary control point during significant information/cyber security incidents.
7. Work with external IT Auditors in the execution of Information Security-related assessments. Ensure remediation of findings, including the documentation of risk acceptance and false positive results.
8. Maintain a current understanding of the IT threat landscape for the financial services and update information security, cyber security, and business continuity strategies to leverage new technology and threat information. Establish and maintain contacts with banking industry peer groups.
9. Implement and maintain the Company's Strategic Information Security Plan and budget developed in cooperation with the Chief Risk Officer (CRO) and Chief Information Officer (CIO).
10. Conduct research, assess, and evaluate Information Security technologies and make a determination on the appropriate fit for the Company in cooperation with the CIO. Work with the CIO to ensure that IT and network infrastructure is designed with best security practices.
11. Utilize the e-mail archive system to fulfill subpoena requests, legal holds, etc., and as requested perform other related research.
12. Manage all fraud activities through the Fraud Coordinator, including researching and evaluating fraud prevention resources.
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.
SUPERVISORY RESPONSIBILITY:
This position requires supervision of employees.
WORK ENVIRONMENT:
This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines.
PHYSICAL DEMANDS:
The employee is frequently required to: 1) Type or otherwise work with fingers; 2) Talk expressing or exchanging ideas by means of the spoken word. Those activities in which they must convey detailed or important spoken instructions to other workers or clients accurately, loudly, or quickly; 3) Hearing - perceiving the nature of sounds at normal speaking levels with/without correction. Ability to receive detailed information through oral communication and make the discriminations in sound. Operating a motor vehicle and the ability to adapt to environmental weather conditions, as seasons change.
Sedentary work may require occasionally lifting of up to 25 pounds and/or move up to 30 pounds. This work involves sitting most of the time with walking, driving and sitting.
Specific vision abilities required by this job include: 1) viewing a computer monitor; 2) extensive reading; 3) driving.
TRAVEL:
Minimal travel is required -- includes travel to company offices and occasional attendance at training or seminars.
COMPETENCIES:
1. Strong Communication Skills (Written and verbal)
2. Strong Analytical Skills
3. Superior Computer Skills (including Microsoft Office and Internet)
4. Deadline Driven
5. Ethical Conduct
6. Principled Time Management
7. Composure Under Pressure/Stressful Situations
8. Ability to handle multiple projects/priorities simultaneously
REQUIRED EDUCATION and EXPERIENCE:
A Bachelor's degree in computer science, information technology, information security, or related field and a minimum of 2 years of experience in Information Technology or Information Security. Information Security certification, such as a CISM is required. If the candidate does not have the appropriate Information Security certifications, they must be willing to acquire one within 2 years.
Equal Opportunity Employer
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.
The Security and Fraud Officer provides the leadership and strategies necessary to protect physical security and information security from a second-line perspective of AmeriServ Financial, Inc. and all affiliate entities. The Security and Fraud Officer will manage policy, procedure, and process to ensure the execution of the Company's Corporate Security and Information Security Programs.
ESSENTIAL FUNCTIONS:
1. Provides the leadership and strategies necessary to protect the security, both physical and information, of AmeriServ Financial, Inc. and all affiliate entities.
2. Manages the execution of the Company's Corporate Security and Information Security Programs.
3. Chairs the following key Committees: Information Security Committee, Fraud Committee, Information Security Steering Committee, and Incident Response Team.
4. Act as the contact person for Information Security issues with law enforcement and oversight agencies, including local police, State Police, FBI, Secret Service, Federal Reserve Bank, and others.
5. Prepares and executes a robust employee information security education and testing plan, including phishing and social engineering tests.
6. Develops, maintains, and exercises incident response plans. Keeps informed of Information Security incidents and act as primary control point during significant information/cyber security incidents.
7. Work with external IT Auditors in the execution of Information Security-related assessments. Ensure remediation of findings, including the documentation of risk acceptance and false positive results.
8. Maintain a current understanding of the IT threat landscape for the financial services and update information security, cyber security, and business continuity strategies to leverage new technology and threat information. Establish and maintain contacts with banking industry peer groups.
9. Implement and maintain the Company's Strategic Information Security Plan and budget developed in cooperation with the Chief Risk Officer (CRO) and Chief Information Officer (CIO).
10. Conduct research, assess, and evaluate Information Security technologies and make a determination on the appropriate fit for the Company in cooperation with the CIO. Work with the CIO to ensure that IT and network infrastructure is designed with best security practices.
11. Utilize the e-mail archive system to fulfill subpoena requests, legal holds, etc., and as requested perform other related research.
12. Manage all fraud activities through the Fraud Coordinator, including researching and evaluating fraud prevention resources.
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.
SUPERVISORY RESPONSIBILITY:
This position requires supervision of employees.
WORK ENVIRONMENT:
This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines.
PHYSICAL DEMANDS:
The employee is frequently required to: 1) Type or otherwise work with fingers; 2) Talk expressing or exchanging ideas by means of the spoken word. Those activities in which they must convey detailed or important spoken instructions to other workers or clients accurately, loudly, or quickly; 3) Hearing - perceiving the nature of sounds at normal speaking levels with/without correction. Ability to receive detailed information through oral communication and make the discriminations in sound. Operating a motor vehicle and the ability to adapt to environmental weather conditions, as seasons change.
Sedentary work may require occasionally lifting of up to 25 pounds and/or move up to 30 pounds. This work involves sitting most of the time with walking, driving and sitting.
Specific vision abilities required by this job include: 1) viewing a computer monitor; 2) extensive reading; 3) driving.
TRAVEL:
Minimal travel is required -- includes travel to company offices and occasional attendance at training or seminars.
COMPETENCIES:
1. Strong Communication Skills (Written and verbal)
2. Strong Analytical Skills
3. Superior Computer Skills (including Microsoft Office and Internet)
4. Deadline Driven
5. Ethical Conduct
6. Principled Time Management
7. Composure Under Pressure/Stressful Situations
8. Ability to handle multiple projects/priorities simultaneously
REQUIRED EDUCATION and EXPERIENCE:
A Bachelor's degree in computer science, information technology, information security, or related field and a minimum of 2 years of experience in Information Technology or Information Security. Information Security certification, such as a CISM is required. If the candidate does not have the appropriate Information Security certifications, they must be willing to acquire one within 2 years.
Equal Opportunity Employer
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.