Sign In
 [New User? Sign Up]
Mobile Version

Information Risk Management Specialist

Bank of Hawaii

Oahu, HI
Job Code:
Bank of Hawaii
  • Save Ad
  • Email Friend
  • Print
  • Research Salary

Job Details

Information Risk Management Specialist-1700618

Under the direction of the Manager, the Senior Information Risk Management Specialist interfaces with the user community and other information security program risk specialists (line management, Information Security Coordinators, Information Technology, Corporate Sourcing, Corporate Security, and Corporate Business Continuity) to identify information security risks, improve information security awareness, education and training,  and implement the Information Security and Identity Theft programs. Assists with business unit’s compliance to ensure line and technology management compliance with applicable laws and regulations, regulatory requirements and Bank policies and procedures, including but not limited to GLBA, FACTA, PCI DSS, Anti-Money Laundering laws and regulations, Bank Secrecy Act and USA PATRIOT Act.  In addition, this position is responsible for demonstrating the Excellence in Sales/Service (ESS) philosophy by participating in and practicing ESS disciplines and behaviors.




  • Leads Information Security risk management activities including IT security risk assessment, vendor and procurement risk management, and manages the remediation of identified gaps and issues.
  • Identifies measurements of program effectiveness and provides analysis to senior management.
  • Develops processes and acquires tools for evaluating information security risk, and integrates those tools within the overall Information Security risk management process.
  • Develops enhanced information security training, education, and awareness program including the development of training tools, tips, alerts, and training schedules.
  • Manages and matures the information technology and information security governance program. 
  • Recommends, maintains, develops, and revises corporate wide information security, information technology, and identity theft program policies and procedures.
  • Provides guidance and determines which components need to be in place for the information technology, information security and identity theft programs for the user community throughout BOHC. 
  • Serves as the Information Security Incident Response program manager, providing oversight of the Bank’s incident response program, developing schedule for and coordinating and conducting incident response exercises, and ensuring updates to associated policies and procedures.
  • Act as a subject matter expert in relation to various Technologies, IT Risk, Control and Security.
  • Develops and manages ongoing business partnerships and communication for information security and identity theft program implementation, including regular activity reporting, with the user community.
  • Interpret regulatory requirements and corporate policies, communicate these clearly alongside current status, and provide oversight of compliance as required.
  • Build and mature a culture focused on the pro-active awareness and improvement of the risk environment.
  • Performs other miscellaneous duties as assigned.




  • Bachelor’s Degree or equivalent.



  • Minimum 7 – 10 years of information security/information technology work experience with 5 or more years in a combination of the following areas:
    • Conducting information security risk assessments
    • Managing vendor/procurement risk
    • Developing and maintaining information security awareness and education programs
    • Experience with information technology audits, preferably in the financial services industry
    • Experience in managing information technology/security projects to drive business process improvements required
    • Demonstrating and influencing the behaviors and competencies of a risk based mindset across the bank
    • Excellent organizational skills
    • Excellent communications skills, coupled with ability to be versatile and flexible
    • Ability to drive action within the business units to ensure appropriate risk management
    • Experience with Sarbanes Oxley, Gramm-Leach Bliley Act, and other regulations affecting the financial services industry


Technical Skills:

  • This position requires use of a personal computer and other standard office equipment (typewriter, fax, copier, calculator and telephone). 
  • PC proficiency, product research, evaluation and solution definition, familiarity with Microsoft Office suite including SharePoint, and web site maintenance experience required. 
  • Proficient knowledge of information security risk assessment frameworks and risk management methodologies required. 
  • Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and/or Certified Information Security Auditor (CISA) preferred. 


Other Job Qualifications:

  • Demonstrated written and verbal communication and presentation skills to all levels of management. 
  • Must have strong interpersonal skills with a collaborative work style and the ability to interact effectively with all levels of staff and management. 
  • Must possess strong influence and problem solving skills with the ability to adapt their approach as required to achieve goals in different business areas. 
  • Possesses analytical skills, knowledgeable of information security systems concepts, awareness of new approaches and techniques in information security technology and able to identify and implement process improvements. 
  • Must be able to provide own transportation and arrive at various locations on a timely basis. 
  • Must be able to work at multiple job locations. 


All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of any legally protected classification including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or protected veteran status.  Bank of Hawaii takes affirmative action in support of its policy to advance in employment legally recognized individuals including minorities, women, protected veterans and individuals with disabilities.


Job Function Information Technology
Primary Location Hawaii-Oahu
Schedule Full-time
Job Posting Jul 19, 2017, 12:25:53 PM
Unposting Date Ongoing
Powered By

Featured Jobs [ View All ]