Information Security Officer

Full-Time | $70,000 – $90,000 per year

JOB DESCRIPTION:

• • Responsible for overseeing information security, cybersecurity and IT risk management programs based on industry-accepted information security and risk management frameworks. The ISO will be an integral part of the Information Technology organization reporting directly to the President and Board of Directors to help improve and communicate the maturity levels of information security, state of cybersecurity and IT risk practices across GSB.

RESPONSIBILITIES:

• • Coordinate the continuous development, implementation and updating of security and privacy policies, standards, guidelines, baselines, processes, and procedures in compliance with local, state, and federal regulations and standards for GSB information systems.
  • Develop and manage the frameworks, processes, tools, and consultancy necessary for IT to properly manage risk and to make risk-based decisions related to IT activities.
  • Proactive identification and mitigation of IT risks as well as responding to observations identified by third party auditors or examiners while assisting in the development of periodic reports presenting the level of controls compliance and current IT risk posture.
  • Assist with audits and facilitate management response and remediation efforts. Ensure overall IT compliance with regulatory requirements through proactive planning and communication, ownership, and relationships.
  • Broaden and deepen knowledge of the business and environment of IT with respect to the delivery of projects, strategic initiatives, and systems portfolio to effectively assist the IT manager with risk and compliance management.
  • Identify acceptable levels of residual risk and assist with action plans, policy, and procedural changes for risk mitigation. Provide strategic recommendations to key IT projects to help improve project results, quality of deliverables, risk optimization, security processes and compliance with regulations.
  • Provide information systems security management education and training in regulatory and industry standards for all GSB employees.
  • Receive allegations of security incidents and conduct complex investigations; prepare written findings, recommendations and follow up evaluation; and analyze patterns and trends.
  • Coordinates GSB information security incident response and reporting for events or exploited vulnerabilities including unauthorized system or network access, denial of Grinnell State Bank service, inappropriate data access, data corruption, and/or collection of private or confidential information.
  • Acts as ombudsman for disputes, requests for exceptions and complaints regarding GSB wide information systems security policies, practices, and related issues.
  • Works as a liaison with local, state and federal authorities requiring information and reports on security incidents to include FBI or other law enforcement agencies.

QUALIFICATIONS:

• • Degree in computer science or a technology-related field or equivalent experience.
  • Professional information security certification preferred.
  • Experience in an information security role preferred.
  • Excellent organizational and communication skills (both oral and written).
  • Strong interpersonal skills and the ability to effectively communicate.
  • Ability to provide in-depth analysis of complex problems, manage risk and provide timely and accurate decisions.
  • Experience in risk and information security policy development.
  • Knowledge and understanding of banking, corporate/industry information security, governance, risk and compliance practices and standards.
  • Knowledge of laws and regulations including but not limited to: Gramm-Leach-Bliley (GLB) Act and Sarbanes-Oxley.
  • Experience with development of educational programs in security awareness.
  • Knowledge of IT processes and controls and strong understanding of risk and control frameworks such as (ISO, NIST, ITIL, PCI).
  • General knowledge of information security regulatory requirements and standards such as ISO 27001/2, SANS top 20 and NIST 800-53.
  • Possess Certified Information Systems Security Professional (CISSP) or other information systems security certifications.

Personal Banker

Full-Time or Part-Time | $15 – $18 per hour

JOB DESCRIPTION:

• • Perform customer service such as opening new accounts, processing transactions, and assisting customers with inquires via the phone or face-to-face interaction. In addition, you are responsible for maintaining and establishing new consumer and commercial relationships.

QUALIFICATIONS:

• • High School Diploma
  • Good Communication Skills
  • Detail Oriented
  • Problem Solving Skills
  • Customer Service & Cash Handling Experience