Chief Information Security Officer

About The Position

Requirements

• Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field (required)
• Demonstrated experience leading information security programs within a regulated financial institution or comparable environment
• Strong working knowledge of cybersecurity frameworks, regulatory standards, and risk management principles
• Proven ability to clearly communicate complex security and risk concepts to executive leadership and the Board of Directors
• High integrity, sound judgment, and the ability to operate independently while collaborating effectively across the organization

Nice To Haves

• Advanced degree and/or professional certifications such as CISSP, CISM, CRISC, or similar (preferred)

Responsibilities

• Developing and executing the Bank’s information security strategy, policies, and governance framework
• Establishing, maintaining, and administering the Information Security Program in accordance with regulatory expectations and industry best practices
• Identifying, assessing, monitoring, and reporting information security and cybersecurity risks
• Overseeing incident response planning, testing, and execution, including coordination with internal and external stakeholders
• Ensuring compliance with applicable laws, regulations, and regulatory guidance, including FF1EC and GLBA requirements
• Leading information security awareness, training, and education initiatives for employees and management
• Partnering with Information Technology, Risk Management, Compliance, and Operations to integrate security controls into business processes
• Managing third-party and vendor cybersecurity risk assessments
• Preparing and delivering periodic information security risk reports to executive management and the Board of Directors
• Evaluating and recommending security tools, technologies, and investments that align with the Bank's risk profile and strategic objective