Bank of China, U.S.A.

America Data Center - Cybersecurity VP

Location US-NY-New York
ID
2023-1422
Category
IT Support
Position Type
Full-Time
Posting Date
11 months ago(12/28/2023 2:11 PM)

Introduction

Established in 1912, Bank of China is one of the largest banks in the world, with over $3 trillion in assets and a footprint that spans more than 60 countries and regions. Our long-term outlook, institutional weight and global breadth provide our clients with a stable and reliable financial partner, whether in Corporate or Personal Banking or our Trade Services, Commodities, Financial Institutions and Global Markets lines of business.

Overview

The incumbent will lead the Cybersecurity management team to define the 1st line
Cybersecurity management process, methodology and procedure, and oversee America
Data Center cybersecurity related activities. S/he will also be responsible for conducting
information security assessments, vulnerability analysis, and implementing controls to
address information security issues. In addition, s/he will monitor and report the Bank’s
information security status, escalating major issues to management as necessary.

Responsibilities

Include but are not limited to:

Information Security/Cyber Security management

Include but are not limited to:

Information Security/Cyber Security management

  • Conduct periodic information security/Cyber Security assessments (e.g., information security controls, FW rules) and follow up on remediation status
  • Identify, assess, monitor, report and follow up on key Information security/Cyber Security issues
  • Recommend and implement IT solutions related to Information security/Cyber Security
  • Assist in the development and implementation of new security initiatives, including policies, processes and awareness programs

Information Security Operation

  • Manage and operate information security tools (e.g. Nessus, Websense DLP, etc.)
  • Investigate and follow up the information security alerts generated from various security tools
  • Oversee Privilege ID process, including the creation, access modification, and termination within America Data Center
  • Assist the Department Head to manage Contingency exercises and IT incident response processes

Regulatory and Audit communication

  • Act as point of contact with Regulators and Internal/External Auditors.
  • Assist in preparing and reviewing all requested documents from regulators/auditors"

Qualifications

  • Bachelor’s degree required in Computer Science or Risk Management
  • Minimum 6 years of Information Security or Cybersecurity management experience within Financial Services required, auditor experience preferred
  • Demonstrate sound understanding of IT risk and control assessment methodology, information security framework, as well as FFIEC Guidelines, SSAE 18, SP800-53, FIPS-199, COBIT standards
  • Demonstrate strong communication skills, as well as operation skills of Information Security tools
  • Bilingual ability in Mandarin preferred
  • CISSP, CISA certification(s) preferred

Pay Range

Actual salary is commensurate with candidate’s relevant years of experience, skillset, education and other qualifications.

USD $110,000.00 - USD $230,000.00 /Yr.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.