Director Cyber Security

Texas Capital Bank•Richardson, TX

About The Position

Texas Capital is built to help businesses and their leaders. Our depth of knowledge and expertise allows us to bring the best of the big firms at a scale that works for our clients, with highly experienced bankers who truly invest in people’s success — today and tomorrow. While we are rooted in core financial products, we are differentiated by our approach. Our bankers are seasoned financial experts who possess deep experience across a multitude of industries. Equally important, they bring commitment — investing the time and resources to understand our clients’ immediate needs, identify market opportunities and meet long-term objectives . At Texas Capital, we do more than build business success. We build long-lasting relationships.

Requirements

Bachelor’s degree in Information Security, Information Technology, Computer Science, Engineering, or related field.
Minimum 10 years of progressive experience in Identity and Access Management, Information Security, or a closely related discipline.
5+ years’ experience in Financial Services or Banking — familiarity with OCC, FFIEC, SEC, and SOX regulatory expectations required.
5+ years’ experience leading people managers and building high-performing teams.
Deep technical knowledge of IGA platforms (SailPoint IdentityNow/IIQ, Saviynt, or equivalent) and PAM solutions (CyberArk, Delinea, or equivalent).
Strong knowledge of directory services and federation protocols — Active Directory, Entra ID, SAML, OIDC, SCIM, and LDAP.
Advanced knowledge of regulatory and control frameworks relevant to access management (FFIEC, NIST CSF, NIST 800-53, COBIT, ITIL).
Demonstrated experience designing and defending access certification (UAR) programs under regulatory examination.
Strong understanding of cloud IAM models (AWS IAM, Azure RBAC) and hybrid identity architectures.
Experience with Zero Trust identity concepts — conditional access policies, risk-based authentication, and continuous verification.
Advanced ability to translate complex identity requirements into scalable, auditable controls.
Advanced ability to influence and build relationships with LOB stakeholders, leadership, internal audit, and external examiners.
Advanced ability to obtain, analyze, and synthesize information from multiple sources, including access risk metrics and compliance data.
Advanced analytical mindset focused on results with critical thinking, research, problem-solving, and decision-making skills.
Highly self-motivated with a strong sense of initiative.
Strong ability to manage competing priorities across concurrent large, complex programs and regulatory deliverables.
Strong verbal, written, and interpersonal communication skills — able to articulate IAM risk to both technical and non-technical audiences.

Nice To Haves

CISSP, CISM, or CISA certification.
Specialized IAM certification (e.g., SailPoint Certified IdentityNow Engineer)
Experience leading an IAM program through a regulatory remediation or MRA/MRIA response.

Responsibilities

Own the enterprise IAM strategy encompassing identity governance and administration (IGA), privileged access management (PAM), authentication services.
Lead, mentor, and develop a team of IAM engineers, analysts, and architects; set clear performance expectations and cultivate a culture of operational excellence.
Design and enforce access certification programs (UAR) that satisfy FRB and TXDoB examination requirements, including evidence packaging for regulatory inquiries.
Drive the adoption of Zero Trust principles across identity — least-privilege enforcement, just-in-time access, and continuous authentication controls.
Manage the lifecycle of IAM platforms (e.g., SailPoint, Delinea, Entra ID, Okta) including roadmap planning, vendor management, and platform engineering.
Partner with application development, cloud engineering, and business line owners to integrate IAM controls into CI/CD pipelines, cloud-native workloads, and SaaS applications.
Establish and maintain identity-related KPIs and risk metrics; present posture and trend reporting to the CISO, CIO, CRO, and board committees.
Ensure compliance with SOX ITGC requirements for access provisioning, deprovisioning, and segregation of duties across financially significant applications.
Lead incident response activities related to identity compromise, credential theft, and privilege escalation — coordinating with the SOC and threat intelligence teams.
Align IAM capabilities with regulatory frameworks including NIST 800-63, FFIEC Authentication Guidance, and other directive controls as applicable.
Drive automation strategies to reduce manual provisioning, accelerate joiner-mover-leaver processes, and improve access request fulfillment SLAs.
Perform risk assessments of third-party identity integrations and federated trust relationships; own the technical due diligence for IAM-adjacent vendor selections.