HOURS:  (SHIFTS WILL VARY AND ARE SUBJECT TO SCHEDULE NEEDS 40/HOURS PER WEEK)

MONDAY - FRIDAY: 8:00 AM - 5:00 PM

Prosperity Bank is seeking to fill the position of Information Security Officer in our Sugar Land - East Lawn office.

POSITION PURPOSE

Information Security is essential to what we do, from protecting our customers to our employees to our Intellectual Property. The Information Security Officer at Prosperity Bank will be accountable for leading our Information Security Team and overseeing the Information Security Program and its continued improvement.

You will enable the business in security and risk management.  You will lead the team to manage exceptions, and document alignment of both requirement drivers and adherence monitoring processes related to policy.  You work on the cutting edge of security and technology and address new risks. You will collaborate and innovate with other groups within Prosperity Bank to mature the Bank’s Information Security Program.

ESSENTIAL FUNCTIONS AND BASIC DUTIES

1. Aligning policies and procedures to laws, regulations, guidance, best practices, industry standards, and internal risk requirements.
2. Leading projects on security policy emphasizing the identification, understanding, and socialization of new risks
3. Measuring and reporting on the Bank’s cybersecurity position and level of compliance with stated security policy standards
4. Approving and tracking security policy exceptions and tracking policy violations
5. Approving requests for changes in the Bank’s technology environment having a cybersecurity impact
6. Defining and refining security policy requirements to address the risks presented by new and emerging technologies
7. Consulting on information security policy compliance for unique issues
8. Assessing and reporting to senior management on information security risk across the enterprise
9. Overseeing the incident response plan and directing incident response activities
10. Remaining current on developments in the cyber-security industry including: security alerts, bugs, zero day issues, vulnerabilities, viruses and malware, and providing evaluation and recommendations depending on their potential impact
11. Managing the use and reporting of outputs of designated internal security systems
12. Directing security activities and assessments with key third party security partners and develop the responses, the remediation, and ongoing adherence from those reports
13. Interacting with exam and audit personnel, responding to requests for information, and addressing noted findings
14. Working closely with the project management and vendor management teams in providing timely security reviews and assessments to potential technologies being considered by the organization
15. Working closely with the Management team and Training to ensure that security awareness training remains a current, positive training solution for employees
16. Serving on various technology and risk committees
17. Other duties as assigned

Prosperity Bank is committed to providing our customers a personalized service experience, we're looking for people who are passionate about satisfying customers, will not settle for the average, embrace creativity and operate with a sense of purpose. If this is you, then we are looking forward to meeting you and are excited that you are interested in joining Prosperity Bank - where we are Simply Better!

Come join our team and explore the endless possibilities that a career in banking can provide!

A pre-employment credit check will be performed on all qualified applicants.

Prosperity Bank is an Equal Employment Opportunity and Affirmative Action employer, and Member of the FDIC.

Required Skills

KNOWLEDGE REQUIRED: Knowledge of IS areas, such as authentication, encryption, logging, monitoring, vulnerability management and assessment

Demonstrated ability to integrate business needs and exceptional customer service with that of maintaining a strong security framework

SKILLS/ABILITIES: Excellent written and oral English communication and presentation skills

Ability to discuss security topics with non-technical audiences

Willingness to work beyond standard business hours when necessary

Ability to keep multiple concurrent tasks and projects moving forward

Possess strong analytical and troubleshooting skills.

Required Experience

EDUCATION/CERTIFICATION: Bachelor’s degree in Computer Information Sciences, Information Technology, Engineering or a related technical field; or Associates

GSEC, SSCP, CISSP certification is preferred

RSA Security Analytics – Preferred

EXPERIENCE REQUIRED:        7+ years of practical IS/IT work experience in financial services with direct knowledge surrounding enterprise security technologies such as SIEM, firewalls, VPN, IPS/IDS, content filters, AV, and similar

Experience utilizing common frameworks including FFIEC, NIST, ISO

5+ years’ experience in a management capacity with experience working with business leaders in collaborating on technology and security items

5+ years technical experience in skills including Vendor Management, Information Security, IS Program Management, and/or Security Vendor Management

Experience with managing small focused teams

PREFERENCE WILL BE GIVEN TO ANY CANDIDATES WITH THESE ADDITIONAL SKILLS

Technical experience with a minimum of four years’ experience in one or more of the following: computer network penetration testing and techniques; computer evidence seizure, computer forensic analysis, and data recovery; computer intrusion analysis and incident response; intrusion detection; computer network surveillance/monitoring; network protocols, network devices, multiple operating systems, and secure architectures.

Ability to obtain a security clearance.

Applicable Certifications: CISSP, GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (CGIH), GIAC Certified Forensic Analyst (GCFA)

KNOWLEDGE REQUIRED: Knowledge of IS areas, such as authentication, encryption, logging, monitoring, vulnerability management and assessment

Demonstrated ability to integrate business needs and exceptional customer service with that of maintaining a strong security framework

SKILLS/ABILITIES: Excellent written and oral English communication and presentation skills

Ability to discuss security topics with non-technical audiences

Willingness to work beyond standard business hours when necessary

Ability to keep multiple concurrent tasks and projects moving forward

Possess strong analytical and troubleshooting skills.