Cyber Security Operations Director

Ameris Bank is a purpose-driven company, dedicated to bringing financial peace of mind to communities, one person at a time. Whether a customer wants to grow their business, buy a home, or feel confident in their retirement plan, they have a partner in Ameris Bank. We serve customers in our locations across the Southeast, Mid-Atlantic and nationwide through our extensive digital offerings and mobile app.

Delivering financial peace of mind starts with a team that values integrity and rewards ingenuity. At Ameris, you'll find teammates who are inclusive, collaborative problem-solvers who go the extra mile to support one another and to meet every customer's needs. When teammates are empowered and bring their diverse perspectives to the table, we create the best possible outcomes for our customers. At Ameris, we know that a growth mindset is key for high performance and fosters an environment that prioritizes continuous improvement. Teammates have access to Employee Resource Groups that serve as advocates and allies as well as professional development opportunities to drive ongoing education. Learn more about our purpose and how you can bring it to life as an Ameris Bank teammate.

The Cyber Security Operations Director is responsible for overseeing and enhancing our organizations' capabilities to defend our cyber landscape while ensuring the safety and security of all assets, including personnel, infrastructure, data, and intellectual property. This role involves developing and implementing security strategies, overseeing the day-to-day security operations, managing security incidents, threat intelligence, cyber financial crimes intelligence, countermeasures and ensuring compliance with relevant regulations and standards. The Cyber Security Operations Director will also oversee vulnerability management including application security. Performs other projects and duties as assigned.

Essential Functions, Duties, and Responsibilities:

* Security Operations and Threat Intel

* Develop and implement comprehensive security strategies, policies, and procedures that align to industry standards (e.g. NIST, FFIEC)

* Lead, mentor, and manage the security operations team, fostering a culture of security awareness across

* Collaborate with executive leadership to align security initiatives with business goals.

* Oversee the daily operations of the security operations center (SOC), ensuring effective monitoring

* Manage and coordinate incident response activities, including investigation, mitigation, and reporting of security incidents.

* Optimize security monitoring to ensure the right use cases through threat modeling are in place and aligned to MITRE ATT&CK methodology.

* Lead the cyber threat and financial crimes intelligence function, gathering and analyzing threat data to inform security strategies.

* Develop and implement countermeasures to address identified threats, including advanced persistent threats (APTs) and emerging cyber threats.

* Work closely with external intelligence agencies and partners to stay ahead of the latest threat landscape.

* Provide threat intelligence insights to guide decision-making at the executive level.

* Conduct regular risk assessments and vulnerability assessments to identify potential security threats.

* Prepare and deliver reports on security status, risk assessments, and incidents to executive management.

* Conduct post-incident analysis and implement improvements to prevent future incidents.

* Coordinate with law enforcement and other external agencies during investigations.

* Vulnerability Management, Application Security and Penetration Testing

* Lead the organization's vulnerability management program, including the identification, assessment, and ensure regular scanning and monitoring of the IT environment to identify vulnerabilities.

* Develop and enforce patch management policies to ensure timely remediation of vulnerabilities.

* Report on vulnerability management metrics and progress to executive leadership.

* Develop and implement application security best practices across the organization.

* Work closely with the software development teams to integrate security into the software development lifecycle (SDLC).

* Conduct regular security assessments of applications to identify and remediate vulnerabilities.

* Stay informed about the latest application security threats and trends, ensuring the organization's applications are secure against potential threats.

* Oversee and manage the organization's penetration testing program to identify and mitigate security weaknesses.

* Plan and execute red, blue, and purple team exercises to test the effectiveness of the organization's security defenses.

* Analyze the outcomes of these exercises to improve the organization's security posture and incident response capabilities.

* Collaborate with internal and external teams to continuously refine testing methodologies and tools.

* Ensure compliance with local, national, and international regulations and industry standards.

* Evaluate and recommend investments in security technology and resources.

* Oversee vendor relationships and negotiate contracts related to security services and products.

* Manage the security operations budget, ensuring optimal use of resources.

Required Knowledge, Skills and Competencies:

* Strong understanding of security frameworks, standards, and best practices.

* Proven ability to manage and lead a security operations team.

* Excellent problem-solving skills and the ability to make critical decisions under pressure.

* Strong communication and interpersonal skills, with the ability to interact effectively with all levels of the organization.

* Experience with security technologies and tools, such as SIEM, IDS/IPS, Bot Protection, WAF and endpoint protection.

* Proficiency in application security, vulnerability management, and Penetration Testing best practices.

Industry and Work Experience:

* 8-10+ years of experience in security operations, with at least 5 years in a leadership or management role.

Academic:

* High School Diploma or GED required.

* Bachelor's degree in Computer Science, Information Security, or a related field. A Master's degree is preferred.

* Relevant certifications such as CISSP, CISM, CEH, or similar strongly preferred.

Benefits Available to Employees:

Ameris Bank provides a comprehensive employee benefit package to all eligible employees.

• Medical, Dental and Vision Insurance
• Ameris Bank absorbs a major portion of the cost of healthcare. You become eligible for coverage on the first of the month following 30 days of employment
• Life Insurance provided at no additional cost to employees
• Accidental Death & Dismemberment Coverage
• Long-Term Disability Coverage
• Paid Sick and Vacation Leave
• 11 Holidays
• Volunteer/Service Day
• Employee Stock Purchase Plan
• 401(k) Retirement Plan
• Ameris Bank matches 50% of your first 8% of contributions to the plan
• Flexible Spending Accounts
• Health Savings Account
• Health Reimbursement Arrangement
• Supplemental Life & Other Insurance Plans
• Identity Theft Protection
• Pet Insurance
• Legal Insurance
• Employee Assistance Program
• Employee Advocacy Program
• Tickets at Work (Entertainment discounts for Ameris Bank Employees)
• AT&T Employee Discount
• Wellness Discounts for Medical Premiums and Other Rewards
• Employee Referral Incentive
• Education Assistance
• Employee Resource Groups
  

Banking Advantages for Employees:

In addition to a wide array of benefits, Ameris Bank employees are also eligible for special bank services.

• Free Interest Checking
• Free Safe Deposit Box
• Free Money Orders, Travelers' Checks and Cashier Checks
• Discount on Mortgage Origination Fee
• Free Online Banking and Free Unlimited Online Bill Payment
• Employee Banking Perks
  

Disclaimer:

The above job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required for the position.

All job requirements are subject to possible modification to reasonably accommodate individuals with disabilities. Some requirements may exclude individuals who pose a direct threat or significant risk to the health and safety of themselves or other employees.