Information Security Operations Lead

Lone Star National Bank•McAllen, TX

About The Position

The Information Security Operations Lead is responsible for the operational execution, oversight, and continuous improvement of the Bank’s cybersecurity program, ensuring alignment with regulatory requirements (FFIEC, GLBA, NIST CSF) and enterprise risk management objectives. This role translates the Information Security Officer's (ISO) strategic direction into measurable, tool-driven security operations, including security monitoring, identity and access management (IAM), incident response, and control enforcement. The Operations Lead serves as the primary accountable leader for day-to-day cybersecurity operations, overseeing analysts and engineers and ensuring the effective use of security platforms, including SIEM, IAM, endpoint protection, and vulnerability management tools. The ideal candidate is technical and possesses at least seven years of experience in technology and security administration across large heterogeneous networks, including third-party entities. Additionally, as a senior member of the information security team, the role requires leadership skills to coach and mentor less experienced staffers. Information Security Operations Lead is expected to manage the team and execute the security strategy as directed by senior management. This position requires strong written and oral communication skills, as well as the ability to convey detailed technical information in a manner comprehensible to individuals with varying levels of experience and skill. This role requires the ability to speak confidently in front of large groups and with corporate management, vendors, and service providers. The Information Security Operations Lead also contributes to the company's IT security strategy and roadmap.

Requirements

Bachelor’s degree in Cybersecurity, Information Technology, or a related field (or equivalent experience)
5–8+ years of experience in information security or cybersecurity operations
Hands-on experience with security technologies, including SIEM, EDR, IAM, and vulnerability management tools
Experience and understanding of various regulatory requirements and laws, such as, but not limited to, Payment Card Industry (PCI), Federal Financial Institutions Examination Council (FFIEC), Sarbanes-Oxley (SOX), Health Information Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR) and Gramm-Leach-Bliley Act (GLBA). Additionally, experience in one or more of the following is required: ISO 17799, ITIL or NIST.
Extensive knowledge of SSO, MFA, Active Directory (AD), public key infrastructure (PKI), privileged accounts, and integration application programming interface (API) capabilities.
Experience administering IDAM systems, access controls, security, and risk management, as well as a security governance framework at scale.
Track record acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively
Strong understanding of security frameworks and regulatory requirements (e.g., NIST CSF, FFIEC, GLBA)
Experience supporting audits, risk assessments, and control validation activities
Demonstrated leadership or supervisory experience in a security or IT environment
Strong analytical, problem-solving, and communication skills

Nice To Haves

Professional certifications such as CISSP, CISM, or Security+
Experience in financial services or other highly regulated environments, with familiarity in FFIEC-aligned controls
Experience with identity and access management (IAM) solutions, including access governance, provisioning, and privileged access controls
Familiarity with cloud security practices in environments such as Azure or AWS
Knowledge of security operations technologies, including SIEM, EDR, and vulnerability management tools
Understanding of authentication and access control technologies, including MFA, SSO, and directory services

Responsibilities

Oversee daily security operations, including SIEM monitoring, alert triage, and escalation
Ensure detection use cases are developed, tuned, and aligned to emerging threats
Oversee configuration, optimization, and integration of security tools (SIEM, EDR, email security, vulnerability management)
Ensure security controls are properly implemented across systems and platforms
Drive automation and orchestration initiatives to improve operational efficiency
Maintain system documentation, baselines, and configuration standards
Act as primary escalation point for security incidents and SOC activities
Lead coordination of incident response across IT and business units
Ensure timely containment, eradication, and recovery of security incidents
Maintain and test incident response playbooks and procedures
Conduct post-incident reviews and implement corrective actions
Integrate threat intelligence into monitoring and detection capabilities
Oversee user provisioning and deprovisioning processes
Conduct and enforce periodic access reviews and certifications
Ensure implementation of MFA, SSO, and privileged access controls
Enforce least privilege and segregation of duties
Improve and automate access management processes
Execute and maintain security controls aligned with FFIEC, GLBA, and NIST CSF
Support internal and external audits, including evidence collection and remediation tracking
Perform and support risk assessments and control validation activities
Ensure enforcement of security policies and procedures across the organization
Develop and track key performance indicators (KPIs) and key risk indicators (KRIs)
Provide operational reporting to the ISO
Identify trends and implement improvements to strengthen the security posture
Supervise and mentor security analysts and engineers
Assign tasks and ensure appropriate operational coverage
Foster a culture of accountability, collaboration, and continuous learning
Partner with IT, application teams, and business units to embed security into operations
Participate in change management and project initiatives to ensure secure implementation