Lead Information Security Governance & Risk Specialist Position Available In Duval, Florida

Lead Information Security Governance & Risk Specialist EverBank N.A. Jacksonville, FL 32202 • Hybrid work Lead Information Security Governance & Risk Specialist The Lead Information Security Governance & Risk Specialist identifies and manages potential information security risks to the environment by conducting control assessments, vendor due diligence and identifying remediation action plans to mitigate cybersecurity risks. Under limited supervision, this role will also support the overall program and process execution of the supplier risk management team and business information security office to drive improvements to minimize possible risk exposure to the organization. Key Responsibilities and Duties Completes cybersecurity risk assessments and maturity assessments to identify inherent risk and implemented security controls. Reviews technical feasibility of adopting external cloud-based IT platform and infrastructure services within the organization. Leads the identification of portions of the organization’s IT platform/infrastructure with the highest potential return for cloud deployment. Facilitates implementation of the organization’s global strategies and initiatives to enhance Information Technology plans, operations and procedures. Works with technology and risk partners to create remediation action plans to mitigate cybersecurity risks and govern action plans through until completion. Coordinates and tracks program deliverables such as team strategy, capacity management, reporting deliverables, and team communications. Drives the remediation of control gaps based on priorities set by the organization. Communicates effectively with representatives of the Lines of Business, technology areas, risk partners, and vendors to escalate when needed. Develops deep understanding of vendor risk program and provide guidance to internal partners. Collaborates across extended teams to drive efficiencies within the vendor engagement and vendor due diligence. Maintains and enhances documented policies and procedures. Leads the cost/benefit evaluation of cloud solutions compared to virtual private networks, dedicated hosting, and in-house solutions. Educational Requirements University (Degree) Preferred Work Experience 5+ Years Required; 7+

Years Preferred Physical Requirements Physical Requirements:

Sedentary Work Career Level 8

IC Requirements:

Risk Assessment including

Fraud:

Conduct risk assessments with vendor to identify potential fraud vulnerabilities in business processes and information systems. Included are 3rd party reviews. Evaluate internal controls and recommend improvements to reduce fraud risk exposure.

Cyber and Fraud Prevention Strategy:

Design and implement fraud prevention programs, including monitoring systems and policies to mitigate fraudulent activities. Work with the security operations center (SOC) to continuously monitor for suspicious activities across digital platforms.

Compliance & Regulatory Adherence:

Policy and Standards including customer authentication, verification, and fraud prevention. Ensure that business units comply with relevant fraud-related regulations, such as GLBA, NIST, and anti-money laundering (AML) requirements. Stay up to date with fraud-related legal and regulatory changes to maintain compliance.

Incident Management & Response:

Knowledge of cyber and fraud related tools including LexisNexis and Actimize Lead investigations into suspected fraud incidents and work with forensic teams to collect evidence. Develop and execute incident response plans for fraud-related security breaches.

Cross-Functional Collaboration:

Work closely with legal, finance, IT, and audit teams to investigate and resolve fraud-related issues. Provide fraud insights and guidance to business leaders, helping to mitigate emerging fraud risks.

Security Awareness & Training:

Develop training materials and conduct awareness programs on fraud risks, prevention, and detection techniques for the business including customers. Advocate for fraud prevention best practices throughout the organization.

Fraud Analytics & Reporting:

Leverage data analytics and security tools to detect patterns, trends, and anomalies indicative of fraud. Generate regular reports on fraud risk status and progress toward mitigation efforts for executives. Hybrid work is a minimum of four days a week in office, with one flexible day for remote work.

Posting end date:

4/26/24

Req Benefits:

EverBank, N.A. and Sterling Bank and Trust, a division of EverBank, N.A. (together, the “Company”) is committed to the well-being of its associates. That’s why we offer a comprehensive Total Rewards package commensurate with the position and job-related qualifications, skills and knowledge. The Company’s comprehensive Total Rewards package provides choice and flexibility and respects differences. The following benefits are available through the

Company:

Medical, dental, vision & HSA/FSA 401(k) savings Paid holidays & generous PTO Additional wellness & voluntary benefits Additional Company-provided benefit options (subject to plan terms): Tuition reimbursement

Commuter Benefits Life and Disability Insurance Compensation:

$124,200 – $168,000

Additional Details :

EverBank, N.A. and Sterling Bank and Trust, a division of EverBank, N.A. (together, the “Company”) is a nationwide specialty bank providing high-value products and services to consumer and commercial clients nationwide. As a pioneer in online banking, we offer convenient digital access for clients 24/7, in addition to phone banking services and a network of financial centers. The Company’s commitment is to deliver to our clients high-performing, high-yield solutions backed by exceptional service, always giving them the advantage they expect, to make the most of their money. VEVRAA Federal Contractor Member FDIC Notice to Job Seekers