Information Security Manager

Pay Range: $101,536.00 - $135,374.00

The position of Information Security Manager is a high-level security position which reports toand performs tasks under the direction of the Director of Information Security. The Information Security manager will coordinate the efforts of the IT Security Officers, Technology Services, projects, and incident response to protect its information systems and networks from cyber-attacks, intrusions malware and various data security. In addition, this position will provide support across NBT Bancorp company sectors including subsidiaries and affiliates.

Education and Experience:

• 5+ years experience in Information security, computer science, or information technology field
• 1 year management experience
• Bachelors Degree in Information Technology, Cybersecurity, Computer Science or equivalent industry experience
• Information Security certifications preferred

Skills and Abilities:

• Thorough Knowledge of all cybersecurity and information security related regulations applicable to federal regulations (OCC, FFIEC, CFPB, SEC).Ability to communicate effectively with a diverse array of constituents including senior leaders. Ability to plan, estimate, manage and control tasks of selves and others. Strong project management skillsAbility to work under pressure and remain adaptable in a fast-paced, changing work environment.

Unique Job Characteristics and Requirements:

CISSP or CISM Certification Preferred. Knowledge of Secure Software Development.

Tasks Performed:

• 20% Develop and Maintain the NBT Bancorp information security program and architecture that includes; risk assessments, policies, principles and standards to ensure ongoing maintenance of security. This would include protection of sensitive corporate assets, ensure data privacy and comply with all laws and regulations.
• 20% Functioning as a subject matter expert, Identify security design gaps in existing and proposed information security architecture and recommend industry standards or best practices. Collaborate with Infrastructure team members to identify, select and implement and analyze required technical controls and relate them to acceptable risk and security controls.
• 20% Manage and conduct security reviews of network and web application architectures processes to identify security controls are present and identify avenues of compromise. This could include either inhouse testing or act as a third-party vendor liaison for independent testing.
• 20% Manage and maintain knowledge of security systems including firewalls, virus protection, Vulnerability Scanning, Web/Email filters, Forensic systems and network based host intrusion systems. Develop processes that analyze data and produce accurate, meaningful and easily interpreted results based on user requirements and use cases.
• 10% Oversee the monitoring, identification and resolution of security incidents to detect threats through analysis, investigations, and prioritization of incidents based on exposure. Develop reporting to be presented to senior management on residual risk, vulnerabilities, and other security exposure including misuse of information assets.
• 5% Train, mentor, develop and oversee staff. Conduct performance based coaching, establish individual goals while maintaining an up to date knowledge of information security and cybersecurity threats.
• 5% Other duties as assigned.

Physical Requirements:

• Communicate effectively with internal and/or external customers
• Stationary 75% of time or greater
• Move Objects to Maximum 10 lbs

Benefits for Full-Time Employees: 

• Generous Paid Time Off: At least 22 days annually, prorated in the year of hire. 

• Parental Leave: Six weeks of paid leave at 100% of your salary. 

• Comprehensive Medical Coverage: Includes employer contributions to HSA for High Deductible Health Plan participants. 

• Dental and Vision Coverage: Ensuring your overall health and well-being. 

• Flexible Spending Accounts: For healthcare and dependent care expenses. 

• Employer-Paid Disability Coverage: Both short-term and long-term, with an option to purchase additional long-term coverage. 

• Life Insurance: Employer-paid basic life insurance, with an option to purchase supplemental coverage. 

• Voluntary Benefits: Including hospital, accident, and critical illness coverage. 

• Retirement Plans: Benefit from a 401(k) plan with employer matching, an optional Roth 401(k), and a pension plan to help secure your future.

• Adoption Assistance: Supporting your growing family. 

• Tuition Reimbursement: Invest in your education and career growth. 

• Employee Assistance Program (EAP): Access to support and resources. 

• Financial and Banking Services: Various benefits and financial planning assistance. 

Benefits for Part-Time Employees Working 20+ Hours/Week: 

• Medical Coverage: Includes employer contributions to HSA for High Deductible Health Plan participants. 
• Generous Parental Leave: Six weeks of paid leave at 100% of your salary. 

Benefits for All Part-Time Employees: 

• Retirement Plans: Benefit from a 401(k) plan with employer matching, an optional Roth 401(k), and a pension plan for employees who work at least 1,000 hours in a calendar year, all designed to help secure your future

• Paid Sick and Safe Leave: For your health and safety. 

• Employee Assistance Program (EAP): Access to support and resources. 

• Financial and Banking Services: Various benefits and financial planning assistance. 

Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or assume sponsorship of an employment Visa at this time.