Job Specifications
Meridian is seeking a highly experienced Senior Manager to lead our cybersecurity team and drive the execution of our enterprise-wide Cyber Security Strategy.
In this pivotal role, you will develop and mentor a team of security specialists, oversee the cybersecurity Risk Assessment, Vulnerability Management and Security Awareness Programs, and lead the Computer Incident Response Team (CSIRT), ensuring rapid mitigation of threats to organizational assets.
You will play a critical role in shaping Meridian’s security architecture, standards and key cyber controls, including coordinating compliance activities, collaborating on strategic initiatives, evaluating new technologies, and championing continuous improvement in cybersecurity practices to safeguard Meridian’s reputation and assets.
Key Responsibilities:
Team Leadership & Development:
Mentor and coach a high-performing team of security professionals, fostering engagement and building competencies.
Conduct performance appraisals and support professional growth.
Allocate security resources to business project teams and manage priorities based on business needs and cybersecurity risks.
Incident Response:
Lead and enhance Meridian’s Computer Incident Response Team (CSIRT), including annual tabletop exercises and executive reporting.
Oversee incident monitoring, escalation, and documentation to ensure rapid response to threats.
Design and govern incident response systems, including intrusion detection, security event management, and data loss prevention.
Risk Assessment & Controls:
Lead organizational information security audits and risk assessments, ensuring timely delivery and quality output.
Collaborate with business units to remediate audit findings and implement security requirements for new and existing processes.
Design and implement security controls and standard configurations for information systems.
Threat Intelligence:
Provide expertise on emerging threats and the external threat landscape.
Facilitate security monitoring and threat intelligence programs, and communicate risks to executives.
Develop threat intelligence communications standards and produce regular security reporting.
Security Standards & Compliance:
Review and improve Enterprise security architecture, standards, procedures, and controls.
Coordinate compliance activities and ensure alignment with organizational policy and industry best practices.
Lead the security exception and exemption process, recommending actions where standards cannot be met.
Vulnerability Management
Oversee the identification, assessment, and prioritization of vulnerabilities across Meridian’s technology environment, ensuring timely remediation and risk reduction.
Develop and maintain processes for continuous vulnerability scanning, reporting, and follow-up with relevant stakeholders to ensure closure of identified issues.
Collaborate with IT and business units to implement best practices and controls that minimize exposure to known and emerging threats.
Security Awareness
Design and deliver comprehensive security awareness training initiatives to educate employees on cybersecurity risks, policies, and best practices.
Monitor program effectiveness through metrics, feedback, and periodic assessments, adapting content to address evolving threats and organizational needs.
Champion a culture of security awareness by promoting proactive behaviors, open communication, and ongoing engagement across all levels of the organization.
General & Strategic Initiatives:
Provide subject matter expertise on corporate and operational projects.
Lead security assessments and audits, interpret results, and communicate recommendations.
Liaise with vendors and partners to ensure compliance with security requirements.
Represent Meridian within the broader financial institution cybersecurity community.
Knowledge, Skills, and Abilities:
Working knowledge of techniques, technologies and processes for securing large infrastructures, including intrusion prevention and virus detection, firewalls, VPN technologies, authentication, encryption, Active Directory, Data Leak Prevention, Certificate services, protocol analysis and database security.
Understanding of common networking protocols and services and their relevant security issues.
Understanding of operations system and network security weaknesses, vulnerabilities and remediation.
Ability to research, analyze and resolve complex problems and escalate issues as appropriate.
Working knowledge of access control systems, cryptography, telecommunications, network and internet security, information security management, physical and operations security.
Strong analytical skills.
Proactive - Seize the initiative by anticipating needs and identifying opportunities to provide a higher level of service.
Integrity - Doing the right thing by always acting with openness, honesty and respect.
Talent Developer: nurtures and supports direct reports, identifies strong team members, develops digital a