As a family-owned business that spans five decades and three generations since 1964, we value relationships, supporting each other's unique differences. We understand the importance of personal belonging which is why you'll hear our employees talk about being part of the SNB family. Now, more than ever, as we've expanded our roots into new markets, it's the prime time to join our growing team. As a community bank, we offer comprehensive financial solutions for personal, business, and private banking, treasury management, wealth management and mortgage needs in Nebraska, Iowa, and Texas. We have 10 convenient full-service branch locations in the Omaha and Council Bluffs as well as full-service branches in the Jordan Creek area of West Des Moines and in uptown Dallas. Learn more about our story at www.SNBconnect.com/About-Us or visit us on LinkedIn and Facebook.

JOB SUMMARY

This position is responsible for safeguarding information system assets by identifying and solving potential and actual flaws in the security systems, solutions and programs while recommending specific measures to improve the company's overall security position. Serves as the bank's Information Security Officer.

ESSENTIAL FUNCTIONS

Develops and Implements Security Improvements by Assessing Current Situation, Evaluating Trends, Anticipating Requirements (35%)

• Evaluates and recommends vendor for intrusion testing. Work with vendor to diagnose any outcomes and resolutions. Notify management of any security issues and resolutions
• Explores, analyzes, and implements the company's information and technology security systems.
• Oversees new product risk evaluation, and reviews current product risk assessments for possible impact on systems security
• Manages the overall disaster recovery plans for the bank and ensures minimal possibilities of threats to security; conducts training to users as required.
• Develops and implements tactical threat response procedures to prepare, detect, analyze, eradicate, and recover security incidents across the bank
• Reviews and updates assigned policies and procedures to ensure data security
• Creates and monitors annual department budget
• Collaborates with Firewall Management and Email system providers
• Oversight of the bank's Information Security Training program
• Directs End User Access Review and Management
• Oversight of collaborations with Network Administration on network changes that impact information security

Recognizes Problems by Identifying Abnormalities; Reporting Violations (20%)

• Monitors secure e-mail and email rules.
• Monitors firewall management to control end-user Internet usage. Assists in troubleshooting network issues with service providers and employees and vendors.
• Performs log alerts and reviews on the following: managed service provider, SCM change, Patch Management, and Internet Banking, etc.
• Detects and reports corrective actions for data security breaches.
• Maintains and updates all associated records and reporting

Protects System by Defining Access Privileges, Control Structures & Resources (20%)

• Sets-up, deletes, and changes user status in Fiserv.
• Interacts with end-users for password issues on the Fiserv system.
• Responsible for the following system user management: Director Group, Navigator and log review.
• Reviews all application user setup to analyze and monitor user access.
• Manages Portable Device process and log.

Plans and Organizes Bank-wide Information Security Audits and Training (10%)

• Audits the systems and information management process to identify weaknesses.
• Performs Annual Portable Device audit. Manages and tracks remediation of any audit findings
• Assists in developing periodic testing of Information Security preparedness, as well as conducting monthly phishing tests on all employees
• Trains all employees on Information Security quarterly and new hires during monthly orientation.
• Reviews Record Retention annually
• Conducts annual vendor management to evaluate and assess the information/data security of external vendors
• Communicates best practices with internal customers
• Manages Identity Theft and Red Flags Program

Management (15%)

• Manages employees within department including but not limited to sourcing, hiring, training, coaching and developing employees, holding regular check-in meetings, delegating work assignments, conducting timely quarterly/annual performance reviews, providing salary recommendations, and administering corrective actions as needed.

Performs other duties as required and assigned.

KNOWLEDGE, SKILLS AND ABILITIES

• Thorough knowledge of all cybersecurity and information security related regulations applicable to federal regulations (OCC, FFIEC, CFPB, SEC)
• Knowledge and understanding of recovery management after an incident or disaster
• Knowledge and understanding of applicable rules and regulations regarding computer-related security systems including firewalls, encryption, and password protection and authentication
• Ability to communicate effectively with a diverse array of constituents including senior leaders
• Ability to plan, estimate, manage and control tasks of selves and team
• Strong project management skills
• Excellent mathematical verbal/written communication skills
• Strong proficiency with a broad array of security software applications and tools
• Ability to anticipate information security risks and implement new ways to protect company's computer systems and networks
• Demonstrates excellent problem-solving and analytical skills
• Strong detail oriented and organizational skills
• Ability to demonstrate an understanding of basic banking operations
• Ability to maintain predictable and reliable attendance
• Ability to complete required training on time.

EDUCATION*

• Minimum of a Bachelor's degree in computer science, programming or related field required; Master's degree preferred
• Computer security certification required (Security+, CISSP, CISM, CEH, or similar)

EXPERIENCE*

• Minimum of 4-5 years of progressive work experience in computer systems with specialization in computer security (fraud monitoring tools/procedures) required
• In-depth experience with IT network management (topologies, architectures, protocols, encryption, and certificate authorities) required
• Experience with basic banking operations required
• Minimum of 1-2 years in a role with leadership responsibilities desired

*Equivalent education and experience will be considered

AFFIRMATIVE ACTION
Security National Bank provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws.