BMO Financial Group Information Security Policy and Standards Advisor in Chicago, Illinois
The Information Security Policies and Standards (ISPS) Advisor is accountable to ensure that information security requirements within BMO are identified, assessed and documented, with appropriate controls in place. The Advisor ensures that documentation complies with internal BMO Information Security (IS) Corporate Policy and Standards and aligns with industry best practice frameworks (i.e. NIST, ISO) and regulatory requirements. In addition, the Advisor is expected to act as the lead resource reporting into the Sr. Manager of IS Policies and Standards, providing global risk and compliance (GRC) consulting and advisory services.
We’re looking for enthusiastic individuals with a passion to innovate and find creative approaches to execute this function. Connecting with industry leaders and peers to improve the effectiveness of this function.
Consulting and Advisory
Reporting, Governance and Control
Training and Awareness
Consulting and Advisory:
Work closely with portfolio personnel, stakeholders, and senior management to identify improvements to Information Security related policies and standards.
Understand business, local and Information Security strategies as they relate to the portfolio.
Translate high-level corporate information security policy requirements into granular IS management standards and operating directives.
Act as lead resource to support Management, track and maintain currency of existing IS management standards and operating directives. Ensure continual alignment of standards to regulatory requirements and industry best practices.
Initiate and lead collaborative working sessions with key stakeholders across the enterprise to solicit input / feedback and obtain consensus on new or revised IS standards and directives.
Support the development and maintenance of internal process documentation to ensure these documents across all US CISO & Enterprise IS Programs teams are consistent in their content and quality.
Help deliver effective performance and risk metrics.
Provide leadership in identifying risk exposure, championing best practices and implementing continuous process improvement initiatives.
Assist Management with data gathering evidence for audits and regulatory reviews, aid in the resolution of security issues / findings.
Evaluate and assess emerging security threats and vulnerabilities in portfolio and work with leadership to develop appropriate documentation and requirements.
Deliver effective execution of all processes in order to meet productivity, quality service and business goals.
Provide strong SME consultation and guidance to a multi-disciplinary, professional team of contractors and employees.
Be an advocate for IS solutions and standards.
Reporting, Governance and Control:
Identify and report IS trends by reviewing ISPS Team portfolio and compliance risks to generate reports.
Consolidate, interpret and report key information security risk, trends for the portfolio and understand effectiveness of requirements in managing the key risks.
Support implementation of information security risk governance and control processes within the ISPS Team that incorporates a consistent, sustainable methodology for identifying, assessing, and documenting information security Standards that provides early warning of potential gaps in information security requirements.
Monitors due diligence of information security Policies and Standards on an ongoing basis
Encourage compliance to standards specific to the local organization, consistent with IS policies and guidelines, and with T&O control frameworks
Review and provide recommendations to IS policies, standards, guidelines / processes.
Escalate IS potential or unresolved issues to management for resolution as appropriate
Training and Awareness:
Participate and facilitate communication, and training, to promote effective Information Security awareness of Policies and Standards
Influence processes for adoption of the requirements within the local organization, leveraging existing programs where available.
Promoting awareness and knowledge of good Information Security practices in the general
Encourage local organizations in developing cascading process documents that align to overarching policies and standards and implementing their own unit or role specific Information Security training and awareness programs as appropriate.
Post-secondary education in Information Security, Information Technology, Risk Management or a related discipline or equivalent combination of education and on-the-job experience
6 years of working experience in information security
Strong knowledge of information security and industry best practices
Previous experience in writing or contributing to the creation of IS security standards and policies
Previous experience in addressing audit and regulatory requirements
Familiarity with security and privacy legislation, regulation and industry standards impacting global financial institutions
At least 1 industry certification related to the information security field is preferred (e.g. CISSP, CISA, CISM, CRISC)
Experience working in a large financial institution preferred
Highly developed oral and written communication skills, ability to express oneself and communicate effectively at all levels within the organization
Strong ability to negotiate / facilitate & influence discussions with senior leaders
Strong collaboration and relationship management skills
Advanced presentation skills
Strong analytical and organizational skills
Good problem solving and risk analysis skills
Good consulting and leadership skills
We’re here to help
At BMO we have a shared purpose; we put the customer at the centre of everything we do – helping people is in our DNA. For 200 years we have thought about the future—the future of our customers, our communities and our people. We help our customers and our communities by working together, innovating and pushing boundaries to bring them our very best every day. Together we’re changing the way people think about a bank.
As a member of the BMO team you are valued, respected and heard, and you have more ways to grow and make an impact. We strive to help you make an impact from day one – for yourself and our customers. We’ll support you with the tools and resources you need to reach new milestones, as you help our customers reach theirs. From in-depth training and coaching, to manager support and network-building opportunities, we’ll help you gain valuable experience, and broaden your skillset.
To find out more visit us at https://bmocareers.com.
BMO is committed to an inclusive, equitable and accessible workplace. By learning from each other’s differences, we gain strength through our people and our perspectives. Accommodations are available on request for candidates taking part in all aspects of the selection process.