First Vice President, Cyber Security

Axos Bank•San Diego, CA

2d•Hybrid

About The Position

The First Vice President, Cyber Security is a hands-on technical leader responsible for driving the execution of Axos Bank's information security strategy. This is a hybrid role that demands both rolling up your sleeves to do deep technical work AND building and leading a high-performing team. You will architect solutions, write detection rules, troubleshoot complex platform issues, and drive strategic initiatives while simultaneously developing your team's capability to operate independently. This role requires a bias for action, the ability to operate at velocity in a fast-paced environment, and comfort moving fluidly between technical execution and team leadership. Ideal Candidate Profile: The ideal candidate is a hands-on technical leader who thrives in fast-paced environments, loves solving complex technical problems while building team capability, and operates with urgency and accountability. You are equally comfortable writing Splunk queries, designing security architectures, coaching team members through technical challenges, and presenting to executives. You understand that this role requires both rolling up your sleeves to do deep technical work AND developing others. You embrace the reality that cyber security leadership requires commitment beyond standard hours. If you are looking for a role where you can make strategic impact through a combination of personal technical execution and building a high-performing team, this is the opportunity. Candidates must demonstrate: Deep hands-on technical expertise with willingness to architect, configure, troubleshoot, and build security solutions directly Ability to balance personal technical execution with developing team capability—knowing when to do the work yourself and when to coach others through it Track record of driving multiple strategic initiatives simultaneously while staying in technical details Demonstrated bias for action and execution velocity—candidates who work methodically at a measured pace will not succeed in this environment Commitment to the demands of a senior leadership role in cyber security, including availability for crisis response and emerging threats outside standard business hours Comfort moving fluidly between writing Splunk detection rules in the morning and presenting to senior leadership in the afternoon

Requirements

10+ years of progressive experience in information security with at least 5 years in technical leadership roles where you personally built solutions while managing teams
Recent hands-on work with security platforms—not just oversight. You should be able to configure a Entra Conditional Access Policy, write a CrowdStrike IoA rule, or investigate an Azure identity issue without handing it off
History of driving large-scale security platform migrations where you were personally in the technical weeds, not just managing from above
Deep expertise in security operations, Active Directory/Entra, SIEM platforms (Splunk), EDR/XDR, and cloud security
Strong understanding of AI/ML applications in security operations and autonomous security capabilities
Working knowledge of identity and access management, network security, application security, and data protection
Familiarity with banking compliance frameworks (FFIEC, GLBA, PCI DSS)
Leading complex incident investigations from detection through containment and recovery. Experience building IR playbooks, conducting tabletop exercises, managing multi-team response efforts, and post-incident analysis.
Deep hands-on experience with Entra ID (Azure AD), Conditional Access policies, PIM, identity governance, Azure security services, and securing Azure workloads at scale.
Designing and implementing zero trust frameworks including identity-based access, micro-segmentation, least privilege access, continuous verification, and secure access service edge (SASE) architectures.
Ability to switch rapidly between deep technical work and strategic leadership conversations
Judgment about when to do the work yourself (speed, complexity, teaching opportunity) versus when to delegate
Track record of staying technically sharp while managing people and projects
Bias for action with ability to make decisions quickly and implement them directly when needed
Comfortable with ambiguity and able to create structure through hands-on execution

Responsibilities

Architect and implement security solutions including SIEM detections, automation workflows, security tool configurations, and integration pipelines
Troubleshoot complex technical issues across the security stack (Splunk, CrowdStrike, Azure, Cisco Secure Access, etc.)
Write and tune detection rules, correlation searches, and AI-powered investigation prompts
Lead technical design sessions and proof-of-concept evaluations for new security capabilities
Build automation and AI agentic workflows to scale security operations
Build and lead a high-performing security team across US and international locations (Manila office)
Develop team capability through pairing on technical work, not just delegating—coach team members while solving problems together
Know when to roll up your sleeves and execute directly versus when to invest time developing someone else's skills
Establish clear ownership and accountability while maintaining technical quality standards
Drive hiring, onboarding, and performance management while staying technically engaged
Drive execution of security technology roadmap including platform migrations, tool consolidations, and capability enhancements
Develop detailed project plans with milestones, dependencies, and resource allocation—proactively, not upon request
Lead multiple concurrent strategic initiatives while maintaining velocity and quality
Remove blockers and drive decisions quickly to maintain momentum
Oversee 24/7 security operations and ensure readiness for incident response
Maintain availability for critical security incidents and emerging threats outside standard business hours
Drive continuous improvement of detection, response, and recovery capabilities
Build autonomous SOC capabilities leveraging AI and automation

Benefits

Medical, Dental, Vision, and Life Insurance
Paid Sick Leave, 3 weeks’ Vacation, and Holidays (about 11 a year)
HSA or FSA account and other voluntary benefits
401(k) Retirement Saving Plan with Employer Match Program and 529 Savings Plan
Employee Mortgage Loan Program and free access to an Axos Bank Account with Self-Directed Trading

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume