at WSFS Bank
Job Description

WSFS Bank is seeking a Chief Information Security Officer. The Chief Information Security Officer will serve as the strategic leader and process owner of a comprehensive enterprise information security program to ensure the availability, integrity, and protection of the customer, business partner, associate, and business information assets and technologies. The incumbent is responsible for establishing and maintaining a corporate-wide information security program to protect information assets, including developing an appropriate cybersecurity posture and proper business and disaster recovery protocols. The Chief Information Security Officer is responsible for communicating and working with executive management and the board to determine acceptable levels of risk for the organization that protects its assets and supports business outcomes. The incumbent will provide advice and guidance to management to enable leaders to make sound business decisions and serve as an internal resource concerning various external reporting matters. The incumbent will manage five to ten direct reports and exercise a manager's customary authority concerning staffing, coaching, performance management, promotions, salary recommendations, and terminations.
This is a full-time, 40-hr work week M-F, 8:00 AM - 5:00 PM located at our Operations Center in North Wilmington, DE.
- Provide leadership to the enterprise's information security organization by evaluating the IT threat landscape, devising cyber security policy and controls to reduce risk, leading auditing and compliance initiatives, and more.
- Develop, implement, and monitor a strategic, comprehensive enterprise information security, cybersecurity risk management and disaster/business continuity framework and ongoing program
- Develop, implement, and monitor disaster recovery and business continuity planning creating cyber resiliency so the bank can rapidly recover from hacking, security incidents, or infringements.
- Work directly with executive management, the Board of Directors, and the business units to facilitate risk assessment and risk management processes
- Understand and interact with related disciplines to ensure the consistent application of policies and standards across all technology projects, systems, and services
- Partner with business stakeholders across the company to raise awareness of risk management concerns
- Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems
- Work with vendor management and risk to ensure that information security requirements are included in contracts to manage third party risk
- Create and manage a targeted information security awareness training program for all employees, contractors, and approved system users, and establish metrics to measure the effectiveness of this program for different audiences
- Liaise with external agencies including government, law enforcement and other advisory and/or regulatory bodies to maintain a strong security posture and stay abreast of the relevant threats
- Partner with the enterprise architecture team to develop security architecture standards and to ensure alignment between security and the enterprise architecture framework as a whole
- Support our culture of engagement and forge relationships among peers, as well as with other areas of the Bank, while given broad latitude in making decisions relative to his/her roles and primary responsibilities; plans and carries out the work in accordance with previous experience and organizational priorities and by exercising good judgment.
- This role is responsible for establishing and managing annual operating expenses, capital expenditures and hiring at approved and appropriate levels to accomplish outcomes and ensuring an appropriate return on investment for the function.
- Other duties as assigned
- Bachelor's degree in Business Administration or Information Technology related field of study or equivalent experience and industry recognized security certification such as CISSP, CCISO and CGEIT. MS or MBA is preferred.
- Must have 10+ years Information Security experience, preferably in the financial services industry.
- Must have 5+ years’ experience leading a team.
- Professional security management certifications, including but not limited to CISSP, CCISO and CGEIT
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST.
- Experience in Agile (scaled) software development or other best in class development practices.
- Experienced with Cloud computing/Elastic computing across virtualized environments
- Previous experience with contract and vendor negotiations and management including managed services.
- Must demonstrate innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
- Must have excellent problem-solving abilities, including weighing business opportunities against security risks that can potentially compromise long-term financial and strategic outcomes.
- Excellent written and verbal communication skills and high level of personal integrity
- Ability to travel within the WSFS Bank footprint in the Greater Philadelphia Region
How do you get to be nearly 200 years old in a world that's constantly changing? For us, the answer has always been the same: create a team of Associates who are passionate about serving the community, and success will follow. Our Mission and Values serve as essential reminders about who we are and how we do business. WSFS is an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.