Information Security Officer

Fortis BankMidvale, UT
$190,000 - $200,000Onsite

About The Position

The ISO will be responsible for protecting the bank's sensitive data, ensuring compliance with regulatory requirements, and mitigating risks in an evolving threat landscape. This role requires a strategic thinker with deep expertise in banking regulations, including mandatory experience in FDIC examinations and audits for mid-sized banks. The ideal candidate will foster a culture of security awareness while implementing robust frameworks to safeguard our operations, customers, and assets.

Requirements

  • Bachelor's degree in Information Security, Computer Science, or a related field; Master's degree preferred.
  • Minimum of 7-10 years of experience in information security, with at least 3 years in a leadership role within the banking or financial services industry.
  • Proven experience with FDIC examinations, including preparation, participation, and follow-up on findings for banks with assets in the $1-2 billion range.
  • Demonstrated expertise in conducting and managing other relevant audits, such as financial statement audits, IT general controls audits, and compliance reviews typical for mid-sized community banks (e.g., under GLBA, FFIEC guidelines, and BSA/AML frameworks).
  • Hands-on experience implementing cybersecurity frameworks, including CRI Profile of NIST Cybersecurity Framework (CSF) 2.0 and CIS 8.1, with a track record of mapping controls to regulator requirements.
  • Professional certifications such as CISSP, CISM, CRISC, or equivalent.
  • Strong knowledge of security technologies, including firewalls, intrusion detection/prevention systems, encryption, and endpoint protection.
  • Excellent communication skills, with the ability to translate complex technical concepts to non-technical stakeholders.
  • Ability to work in a fast-paced environment and manage multiple priorities effectively.
  • Strong organizational time management skills, problem solving skills, and the ability to quickly grasp concepts and processes with limited guidance from management.
  • Strong written and verbal communication skills.
  • Must be able to work in a team environment with the ability to interact well, and in a positive manner, with co-workers and management.
  • A positive and collaborative approach with both peers and management.
  • Versatility, flexibility, and a willingness to work on consistently changing priorities with enthusiasm.

Nice To Haves

  • Master's degree preferred.

Responsibilities

  • Develop, implement, and maintain the bank's information security policies, procedures, and standards in alignment with regulatory requirements and industry best practices.
  • Lead risk assessments, vulnerability management, and security incident response efforts, including coordination with internal teams and external partners during security incidents.
  • Oversee the design and execution of security controls for IT systems, networks, cloud environments, and third-party vendors.
  • Conduct regular security audits, IT risk assessments, penetration testing, and compliance reviews to identify and remediate potential weaknesses.
  • Collaborate with senior leadership to integrate security into business processes, including new product launches and technology acquisitions.
  • Manage security awareness training programs for employees and ensure ongoing education on emerging threats.
  • Prepare and present reports on security metrics, risks, and compliance status to executive management and the board of directors.
  • Manage the business continuity/disaster recovery program for the Bank, including annual tabletop exercises.
  • Stay abreast of evolving cyber threats, regulatory changes, and technological advancements to proactively enhance the bank's security posture.
  • Coordinate with regulators during examinations and audits, ensuring timely response to findings and implementation of corrective actions.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service