Job Information
Oriental Bank Advisor, Information Security (Risk and Data Loss Prevention) in San Juan, Puerto Rico
The Advisor, Information Security will work with the oversight and challenge of Information Security Controls performed by the first line of defense. Also, will be responsible for operating the DLP program, training other administrators, managing alerts, and implementing a training program and assisting in performing various risk assessments related to Information Security. Position works hybrid based in San Juan, PR.
MAJOR DUTIES AND RESPONSIBILITIES:
Assists in the development of an appropriate Information Security Program, as required by GLBA (Financial Services Modernization Act of 1999), and ensure it is approved by the Board of Directors or designated board committee.
Oversees and reports on the management and mitigation of information security risks across the institution and should be held accountable for the results of this oversight and reporting.
Respond to security events by ordering emergency actions to protect the institution and its customers from imminent loss of information; managing the negative effects on the confidentiality, integrity, availability, or value of information; and minimizing the disruption or degradation of critical services.
Assists with the implementation of the information security strategy and objectives, as approved by the Board of Directors, including strategies to monitor and address current and emerging risks.
Engages with management in the lines of business to understand new initiatives, providing information on the inherent information security risk of these activities, and outlining ways to mitigate the risks.
Operate the Data Loss Prevention (DLP) program day-to-day and train and supervisor administrators in daily DLP program operation.
Define and update DLP policies, manage alerts and create and refine DLP classifiers.
Define DLP program’ KPIs, and design and run reports to measure KPIs and system performance.
Other duties may be assigned.
EDUCATION AND EXPERIENCE:
Bachelor’s Degree in Business Administration, Information Technology, Cybersecurity or any related field required. Professional Security Management Certification is highly desirable.
Three (3) years of experience with business management, working knowledge of information security risk management and cybersecurity technologies and/or systems audits required.
Minimum education and experience required can be substituted with the equivalent combination of education, training and experience that provides the required knowledge skills and abilities.
Fully bilingual – English and Spanish (verbal and written) required.
Computer proficiency in MS Office and other business applications required.
Familiarity with industry security standards including NIST, ISO, SANS, COBIT, CERT preferred.
Familiarity with current data privacy regulations, including GLBA and regional standards preferred.
Strong understanding and experience with Secure SDLC and DevSecOps or security automation.
Capable of understanding and communicating business and profit impact that infosec operations have on the organization.
Oriental is an Equal Opportunity Employer ( EEO Employer / Affirmative Action for Females / Disabled / Veterans )
Recruitment Privacy Statement (https://orientalbank.com/assets/pdfs/recruitment_privacy_policy_statement.pdf)
Compliance Posters
This may be the opportunity to change your life and take your career to the next level.
Oriental is a great place to work, grow and develop. Each employee is key in the company's success. Our team consists of an excellent group of people and we believe you could be one of them. We offer you the opportunity to work and be part of an organization that is dedicated to progress. We offer diverse employment opportunities that go from internships to executive positions. We recognize that our employees are the most important asset of our company, which is why we foster an environment of collaboration, based on trust and mutual respect. Our selection process promotes equal employment opportunity and does not discriminate on grounds of sex, color, age, social status, religious beliefs, veteran status or disability. Included is reference material including our recruitment privacy policy and any relevant labor laws we abide to:
Compliance_Posters / Labor Laws (https://orientalbank.com/assets/pdfs/compliance_posters.pdf)
Recruitment Privacy Policy Statement
Esta puede ser la oportunidad que cambie tu vida y lleve tu carrera profesional a otro nivel.
Oriental es un gran lugar para trabajar, crecer y desarrollarse. Cada empleado es nuestro factor clave en el éxito de la compañía. La mejor gente del mundo trabaja aquí y creemos que podrías ser uno de ellos. Oriental te ofrece la oportunidad de trabajar y ser parte de una organización que se dedica al progreso. En Oriental ofrecemos diversas oportunidades de empleo, que van desde internados hasta puestos directivos. Reconocemos que nuestros empleados son el activo más importante de nuestra compañía, es por esto que fomentamos un ambiente de colaboración, basado en la confianza, el respeto mutuo, al valorar las diferencias de cada empleado. Nuestro proceso de selección es uno que promueve la igualdad de oportunidades en el empleo y no discrimina por razón de sexo, color, edad, condición social, creencias religiosas, condición de veterano o incapacidad. A continuación material de referencia incluyendo nuestra política de privacidad y leyes laborales aplicables:
Afiches de Cumplimiento/ Leyes Laborales (https://orientalbank.com/assets/pdfs/compliance_posters.pdf)
Política de Privacidad de Reclutamiento
