
IT GRC & Security Risk Manager

Bankers Trust
life insurance, vision insurance, parental leave, paid time off, tuition assistance, 401(k)
United States, Iowa, Des Moines
Jan 21, 2025

There are important qualities you look for in an employer - meaningful work, community engagement, competitive benefits, commitment to employee development, and so many more. At Bankers Trust, our team members experience an inclusive and community-focused culture and we're proud of the premier workplace we've created. We regularly receive best-in-class results through our biennial employee engagement survey. We're also proud to receive recognition from others, including our designation as a "Best Place for Working Parents," being a four-time recipient of the Greater Des Moines Partnership's Inclusion Award, and being named one of the "Best Businesses Supporting Local Charity" by readers of the Business Record.

Job Summary:

The IT GRC & Security Risk Manager is a leadership role responsible for overseeing the integration of Governance, Risk, Compliance (GRC), IT Security, and Audit functions. This position will have oversight of, and set the strategic direction for, IT security operations, risk management, and compliance, ensuring alignment with regulatory requirements and industry best practices. The manager will lead the development and compliance of IT governance, security policies, and standards, working closely with cross-functional teams, including Legal, Risk, Audit, and Technology departments. Additionally, they will oversee asset management, identity access management, and audit remediation, and drive continuous improvement in the organization's security posture, risk mitigation strategies, and the ongoing maturity of security and compliance frameworks.

Primary Functions and/or Responsibilities:

  • Develops and oversees the implementation of the enterprise-wide IT security strategy, ensuring alignment with business objectives and regulatory requirements.
  • Oversees the design, implementation, and maintenance of robust security architectures and frameworks to ensure resilience against cyber threats.
  • Manages the development, implementation, and compliance of information security policies, procedures, and standards to protect critical assets.
  • Leads and directs security operations, including threat detection, incident response, and vulnerability management, ensuring timely remediation of security incidents.
  • Oversees the audit and compliance programs, ensuring adherence to internal controls, regulatory standards, and audit requirements.
  • Collaborates with cross-functional teams and external partners to enhance the organization's cybersecurity posture, including managing relationships with regulators and auditors.
  • Provides strategic leadership for identity and access management (IAM) programs, ensuring secure and efficient access to IT resources.
  • Leads the continuous improvement of IT governance practices, driving innovation and process optimization in compliance and security operations.
  • Directs the integration of security and compliance considerations into the software development lifecycle and IT infrastructure projects.
  • Mentors and develops security and compliance staff, fostering a culture of professional growth and continuous learning.
  • Develops and maintains reporting mechanisms to communicate the organization's security and compliance posture to senior management and the board of directors.
  • Acts as a thought leader in IT security and compliance, staying abreast of emerging threats, technologies, and best practices to continuously enhance the organization's capabilities.
  • Performs other duties as assigned.

Education and/or Experience:

  • 10 - 15 years' experience
  • Four-year college degree in a related field preferred OR an equivalent combination of education and experience

Specific Skills, Knowledge & Abilities:

  • Four-year degree in a related field required
  • At least ten years of relevant experience or equivalent combination of experience and education
  • Prior supervisory experience required
  • CISSP, CISM, CRISC, or equivalent certifications
  • Proven track record of strategic leadership in IT security and compliance, preferably in the banking or financial services industry
  • Experience as a security professional with proven people management and leadership skills within the security industry
  • Experience with security tools and platforms including SIEM, IPS/IDS, DLP, Application Whitelisting, Email Security, Endpoint and Server protection, Network protection, Firewalls, etc.
  • Extensive experience in cyber threat and vulnerability analysis and remediation
  • Significant experience involving internal and external penetration testing, and application testing
  • Prior working experience in the banking industry is preferred
  • 4+ years of experience in any of the following security and control frameworks is preferred: NIST Cybersecurity Framework, CRI Profile, CIS, NIST, FFIEC IT Examination Handbook, MITRE ATT&CK or COBIT

Hiring Salary Range

The hiring range below reflects targeted base salary. Actual compensation will be determined based on the candidate's prior related experience & education and will be finalized at the time of offer. In addition to base salary, most positions are also eligible to participate in our annual bonus program. Select positions may also be eligible to earn incentives and/or commissions. Hiring Salary Range: $115,000 - $136,000

Benefits

  • Group Health, Dental, and Vision Insurance
  • Generous Paid Time Off (PTO)
  • Volunteer Time Off (VTO)
  • 401(k) plan with lucrative company match
  • Tuition assistance
  • Company Paid Life Insurance
  • Paid Parental Leave
  • Lifestyle Accounts that provide employees with reimbursement for the things that are most important to them such as childcare, student loan payments, gym memberships, pet insurance and much more.
  • Team Member Banking - a suite of products and services with special benefits for employees

Hybrid Eligibility: Position may be eligible for a hybrid work schedule (requiring some days in the office each week).

AFFIRMATIVE ACTION/EQUAL OPPORTUNITY EMPLOYER

"PROTECTED VETERANS" AND "INDIVIDUAL WITH DISABILITY"
