The Role
Job Summary & Responsibilities
Bachelor's Degree required in Information Security Management or equivalent work experience required
SUMMARY: This position serves as the business leader responsible for developing and delivering the company's security education and awareness program with the purpose of creating an enterprise security positive culture where expected security behavior is embedded into normal behavior and where all relevant individuals make effective risk-based decisions and protect critical and sensitive information and systems. This role will be responsible for liaising with other experts and vendors to execute communication and training in support of security education and awareness. In this role, the individual must have passion for and experience with information security, and is capable of generating creative ideas that evangelize the criticality of information security in fun and engaging ways. This role will drive programs that increase visibility and understanding around information security best practices that reduce risk to our company.
ESSENTIAL DUTIES AND RESPONSIBILITIES include the following. Other duties and special projects may be assigned.
- Establish and maintain a comprehensive Information Security Education and Awareness strategy and program that targets employees' behavior to become more security conscious and aligns with emerging CISO needs.
- Leadership and oversight of the Security Education and Awareness Program, including risk identification, content development, program road map and collaboration with teams across IT / IS to leverage the right communication mediums, training and education, and speaking engagements.
- Asset top human risk to our company and the employee behaviors that need to change to mitigate those risks.
- Create and manage Information Security Education and Awareness training programs for employees and contractors making sure the security programs comply with applicable regulations and policies, to minimize risk and mitigate / resolve audit findings.
- Actively partner with other business areas, e.g. Compliance, Fraud, HR to drive the right messages under a shared security-focused campaign and brand to enhance education and awareness activities.
- Collaborate with the CISO organization (Access & Identity, Cyber Threat Unit, and Risk Management) to enhance Information Security Education and Awareness training activities.
- Effectively measure and regularly report on the effectiveness of security education and awareness programs and delivery methods.
- Develop, collect, analyze metrics for education and awareness campaigns in terms of reach, impact, and change in behavior to determine effectiveness and influence strategy/direction.
- Determine the frequency of cybersecurity related education and awareness activities to achieve the greatest impact.
- Support cybersecurity education and awareness efforts across the employee population including executives.
- Develop targeted communications to stakeholders on identified cybersecurity related topics as needed.
- Conduct analysis and research of cybersecurity capabilities that improve the education and awareness programs and expand security messaging.
- Lead, develop, and execute cybersecurity related education and awareness activities leveraging a variety of teaching and delivery methods
- Provide support and security-related information as needed to business unit stakeholders.
- Promote and communicate information security education and awareness within the organization.
- Perform additional duties, as assigned.
- Adheres to and complies with applicable, federal and state laws, regulations and guidance, including those related to anti-money laundering (i.e. Bank Secrecy Act, US PATRIOT Act, etc.).
- Adheres to Bank policies and procedures and completes required training.
- Identifies and reports suspicious activity.
EDUCATION
Bachelor's Degree required in Information Security Management or equivalent work experience required
EXPERIENCE
- 3 - 5 Years of Information Technology or Information Security experience required
- Prior experience within a financial institution preferred
- Experience authoring information security policies, standards, and guidelines required
- Prior experience working with regulations in the area of FFIEC, GLBA, SOX, and FDICIA preferred
CERTIFICATES, LICENSES, REGISTRATIONS
- CISSP Certified Information Systems Security Professional preferred
- Certified Information Security Manager (CISM) preferred
- CISSA or related certifications preferred
KNOWLEDGE, SKILLS AND ABILITIES
- Must be committed to incorporating security into all decisions and daily job responsibilities
- Strong interpersonal skills and professionalism to foster collaboration, increased education and awareness and promote a cybersecurity savvy workforce.
- Requires good analytical skills with experience creating a security education and awareness strategy and implementing the program to carry out the strategy.
- Strong knowledge of core Information Security concepts related to Governance, Risk & Compliance.
- Broad knowledge IS policies, standards and guidelines.
- Broad understanding of best practice control frameworks and regulatory requirements such as GLBA and ISO 27001/2
- Demonstrated understanding of internal security controls.
- Effectively collaborates with leaders at multiple levels across disciplines.
- Good business acumen, ability to understand the potential impact of non-compliance on the business.
- Solid management, leadership and mentoring skills.
- Possess strong writing, verbal communication and presentation skills.
- Ability to perform multiple projects simultaneously.
- Working knowledge of Adobe Creative software (Fireworks, InDesign, Photoshop, Illustrator, After Effects, Audition)
- Working knowledge of Microsoft Word, Excel, PowerPoint, Publisher and Visio.
ADDITIONAL INFORMATION
- Candidates residing in locations within BankUnited's footprint may be given preference.
#GoForMore
BankUnited Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about BankUnited and has not been reviewed or approved by BankUnited.
-
Healthcare Strength — Healthcare coverage is positioned as comprehensive, with medical, dental, and vision options plus disability and life insurance. Wellness programming is described as robust, including incentives, screenings, and on-site fitness facilities at the corporate center.
-
Retirement Support — Retirement support includes a 401(k) plan with a company match and relatively quick eligibility after one month. Auto-enrollment and auto-increase features are described, which can help employees build savings consistently.
-
Leave & Time Off Breadth — Time-off offerings are described as broad, including a sizable PTO range by level and paid holidays. Additional time-off programs such as volunteer time and flexible/hybrid/remote arrangements are also described for eligible positions.
BankUnited Insights
Similar Jobs
.png)
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
BankUnited, Inc., with total consolidated assets of $35.2 billion at March 31, 2021, is a bank holding company with one wholly owned subsidiary, BankUnited. BankUnited, a national banking association headquartered in Miami Lakes, Florida, provides a full range of banking services to individual and corporate customers through banking centers in Florida and New York. The Bank also provides certain commercial lending and deposit products on a national platform. Here at BankUnited, we endeavor to provide, through experienced lending and relationship banking teams, personalized customer service and offer a full range of traditional banking products and services to both commercial and retail customers.
