Director IT Security CISO

Company: Lincoln Investment Advisors Corporation

Location: Fort Washington, PA 19034

Description:

Lincoln Investment, recognized as one of Philadelphia's Top Workplaces for over ten years, is an independent broker dealer and registered investment advisor that offers brokerage, investment advisory and other financial services. Lincoln has over 1,000 financial advisors nationwide and we serve over 350,000 clients representing over $36 billion in assets. We are a majority family-owned financial services firm that regards our employees as integral players in our continuous growth. Lincoln Investment's success is built upon our dedication to helping people retire well and promoting a work environment that fosters success. Our financial strength and profitability are natural results of "helping people, having fun, and enjoying success." Lincoln Investment offers a competitive compensation and benefits package. Our Home Office is conveniently located in Fort Washington, PA, just outside of Philadelphia.

Job Summary:

The Director, Cyber and Security, will be responsible for implementing and running the enterprise information security program. That will involve identifying, evaluating, and reporting on legal and regulatory, technology, and cybersecurity risk to information assets, while supporting and advancing business objectives.

The position requires a sound knowledge of business management and a working knowledge of cybersecurity and traditional security technologies covering the corporate network as well as the broader digital ecosystem. This role will also be responsible for establishing and maintaining the information security program to ensure that information assets and associated technology, applications, systems, infrastructure and processes are adequately protected in the digital ecosystem in which we operate.

A key element of the Director, Cyber and Security role is working with executive management to determine acceptable levels of risk for the organization. He or she will proactively work with business units and ecosystem partners to implement practices that meet agreed-on policies and standards for information security. The Director, Cyber and Security should understand and articulate the impact of cybersecurity and security on the business (digital and traditional) and be able to communicate this to senior stakeholders.

The Director, Cyber and Security, will work alongside other key members of Lincoln's Technology functions as well as the CIO to define, manage, and implement the required cybersecurity and security products and services and to protect Lincoln's Employees and Clients, manage disaster recovery and business continuity plans, and ensure compliance with all regulatory standards.

Areas of Focus:
  • Enhance Collaboration: Foster stronger collaboration between the Director, Cyber and Security, and other departments such as marketing and sales to ensure a holistic approach to cybersecurity that aligns with business objectives.
  • Continuous Training: Implement regular and mandatory cybersecurity training sessions for all employees to keep them updated on the latest threats and best practices.
  • Advanced Threat Detection: Invest in advanced threat detection and response technologies to stay ahead of emerging threats and ensure rapid response to incidents.
  • Regular Audits: Conduct regular internal and external audits to identify and address potential vulnerabilities in the company's security posture.
  • Employee Engagement: Encourage a culture of security awareness and engagement among employees by recognizing and rewarding proactive security measures and contributions.

Job Responsibilities:
    • Understand the Company's business strategy and objectives by studying the business functions, gathering information, and evaluating Company projects and initiatives. Based upon business strategy and regulatory requirements, create cybersecurity and security strategies with detailed roadmap, execution plan, and proposed rollout dates.
    • Maintain expertise in information technology and security, while possessing the ability to communicate complicated security concepts to technical and nontechnical employees and Advisors.
    • Keep current with national cybersecurity programs such as the NIST Cyber Security Framework.
    • Maintain security industry affiliations for information sharing and networking.
    • Conduct employee security awareness training, develop secure business and communication practices, and identify security objectives and key performance metrics.
    • Work with technology teams in selecting and purchasing security products from vendors.
    • Own security breach and incident response, leading the following:
      • Development of initial notification, investigation and disclosure processes and procedures
      • Case by case investigation and forensics
      • Ongoing reporting to senior management
      • Work with compliance and legal on proper notifications and disclosures
    • Perform vendor risk assessments including:
      • Vendor risk assessment questionnaire upkeep
      • Annual SOC report review of company vendors
      • Vendor security review and onboarding approval
    • Development of identity and access management policies and procedures including:
      • User credentials, onboarding and offboarding of employees, vendors and Advisors
      • Insider threat detection procedures
      • Vendor logins and access oversight
    • Partner with Compliance on:
      • Interpreting regulatory rules and creating policies to ensure compliance (WORM compliance, backup policies, etc.)
      • Ongoing reporting of security compliance
      • Training on security topics
      • Reviewing FINRA/SEC/State regulatory filings and disclosures and determining if action is needed
      • Creating and delivering annual report of the state of security at Lincoln to the CIO for presentation to the Board.
      • Providing monthly Risk Committee updates
    • Ensure that the company is in regulatory compliance with the rules for relevant bodies and enforcing adherence to security practices.
    • Experience working with external auditors for annual SOC reporting
    • Responsible for managing the Security Operations Center, as an internal company function or outsourced to a security vendor. This includes being responsible for:
      • Continuous monitoring of Alerts
      • Threat response and remediation (malware/security fixes/etc.)
      • Log management and monitoring (SIEM)
      • Continuous update of policies related to threats (Out-of-country login, VPN hopping, multiple login failures, etc.)
      • Threat hunting and threat intelligence
      • End point detection/End point response (EDR)
      • Network Detection and Response (NDR)
      • Secure Access Service Edges (SASE)
      • Security considerations for business continuity and disaster recovery
      • Security considerations for remote work
      • Security Orchestration Automation and Response (SOAR) functionality
    • Ensure the company's Patch Management and Fixes Policies and Procedures are current and up to date, as well as monitoring that they are being implemented and followed in partnership with the Director, Infrastructure and Operations.
    • Development and management of the vulnerability policy including recommending penetration testing and remediation frequency in partnership with the Director, Infrastructure and Operations, and VP, Engineering.
    • Oversee internal and external penetration tests, vulnerability and risk assessments as needed.
    • Ability to implement and optimize processes and technologies for secure software development lifecycles or integrated security functions for DevOps.

    Knowledge and Abilities:
    • Expert in all aspects of cybersecurity and security including nationally adopted policies and procedures, security technology and industry trends.
    • Expert in understanding how to secure and manage a hybrid delivery environment of on-premises, cloud, and SaaS based platforms.
    • Understanding of the financial services business including all corporate functions, processes, inter-relationships with Middle & Back Office, Software Development, Compliance, Technology Implementations, Data Management and Conversions, and Sales.
    • Experience with user-centric design - ability to make the company secure while focusing on jobs-to-be-done.
    • Use of the utmost discretion in dealing with highly sensitive and confidential information
    • Outstanding communication and interpersonal skills - interface with our Advisors as well as internal stakeholders: fellow technologists, legal, compliance, sales and marketing.
    • Entrepreneurial mindset with the ability to build strong data-driven arguments, prioritize with business strategy in mind, and evangelize security related projects to build consensus within an organization.
    • Possess strong project control, organizational and time management skills.
    • Possess and demonstrate leadership skills and ability.
    • Sufficient initiative to work independently.

    Physical Requirements:
    • Ability to work indoors at a desk for extended periods of time.
    • Ability to ascend and descend a set of stairs.
    • Ability to lift and carry 10-20 pounds as needed.
    • Listen, talk, interact, and effectively communicate with other employees, supervisors and outside contacts
    • Standing and/or sitting for extended periods of time.
    • Use of phone and/or computer for extended periods of time.
    • Bending, reaching and twisting in the performance of daily job functions.
    • Seeing, reading, and writing utilizing a computer keyboard, mouse and other computer components.
    • Ability to work a set schedule consistent with job and/or business needs.

    Qualifications:

    Education: Bachelor's degree required in Computer Science, Engineering or STEM related field. MBA, PMP, and/or related certifications such as CISSP, CISA, CISM, GSE, GSP, etc. preferred.

    Experience: 10+ years of financial services cybersecurity and security related work.

    Lincoln Investment is an equal opportunity employer. Lincoln Investment prohibits discrimination and harassment of any type and affords equal employment opportunities to employees and applicants without regard to race, color, religion, sex, sexual orientation, gender identity or expression, pregnancy, age, national origin, disability status, genetic information, protected veteran status, or any other characteristic protected by law. Lincoln Investment conforms to the spirit as well as to the letter of all applicable laws and regulations.
