Founded in 1908, CIT (NYSE: CIT) is a financial holding company with more than $65 billion in assets. Its principal bank subsidiary, CIT Bank, N.A., (Member FDIC, Equal Housing Lender) has more than $30 billion of deposits and more than $40 billion of assets. It provides financing, leasing and advisory services principally to middle market companies across a wide variety of industries primarily in North America, and equipment financing and leasing solutions to the transportation sector. It also offers products and services to consumers through its Internet bank franchise and a network of retail branches in Southern California, operating as OneWest Bank, a division of CIT Bank, N.A.
This role will focus on maintaining systems, policies, and procedures to protect data from unauthorized users. The candidate will also serve as interface and subject-matter expert for the purpose of assisting IT teams in protection of company and customer information. The right candidate must be familiar with standard data protection and privacy concepts, industry practices, and financial industry regulations. Common tasks expected to be part of day-to-day operation include:
• Overseeing data security and privacy practice
• Executing data security and privacy procedures
• Incident Response duties
• Maintaining Data Loss policies and infrastructure
• Maintaining database security policies and infrastructure
• Maintaining data masking processes and infrastructure
• Review and respond to data security events
• Coordinate data security event response with Information Risk teams
• Provide metrics and reports as required by management
• Serve as subject-matter expert and attend to internal customer requests
• Identify and suggests roadmap for improving data security and privacy program
Minimum Required Skills & Experience:
The candidate must have:
• A minimum of 5 plus years in information security, preferably in financial industry.
• 10 plus years in Information Technology experience. -Have a deep understanding of data loss prevention practices
• Have demonstrated experience with of Symantec Data Loss Prevention technologies.
• Have demonstrated experience with Data Masking requirements and processes
• Have demonstrated experience with database security controls such as Guardium and Imperva
• Have CISSP or other recognized security certifications.
• Incident Response experience a plus.
• Demonstrated ability to manage IT projects.
• Be able to demonstrate database level encryption.
• Experience with encryption of information while traveling across networks.
• Excellent communication skills.
• Ability to work with other functions to achieve security objectives.