Director, Integrated Security

Overview

Cornerstone Capital Bancorp, Inc., headquartered in Houston, is a Texas-based financial services company dedicated to helping families, businesses, and communities thrive. Through its primary subsidiary, Cornerstone Capital Bank, the organization operates a community and business banking franchise alongside a premier national home lending, servicing, and home insurance platform-based financial services company dedicated to helping families, businesses, and communities thrive.

The Director, Integrated Security is responsible for developing, implementing, and maintaining a comprehensive information security program to protect the bank's data and systems, ensuring compliance with regulations and industry standards. Areas of oversight include Enterprise Security Governance, the bank’s policies and programs for Information Security, IT Risk Management, and Corporate Security.

• Create and maintain a comprehensive information security program, including policies, procedures, and standards.

• Conduct regular risk assessments to identify vulnerabilities and threats.
• Develop and implement risk mitigation strategies.

• Ensure compliance with relevant regulations, such as the Gramm-Leach-Bliley Act (GLBA) and the Financial Services Modernization Act (FSMA).
• Stay informed about emerging security threats and vulnerabilities.

• Develop and maintain an incident response plan.
• Respond to and investigate security incidents.

• Develop and deliver security awareness training to employees.
• Promote a culture of security within the organization.

• Evaluate and recommend security technologies.
• Monitor and maintain security systems.

• Collaborate with other departments, such as IT, audit, and legal, to ensure a holistic approach to security.
• Work with business leaders to understand their needs and ensure security measures are effective.

• Develop and maintain reports on security performance and compliance.
• Monitor security events and alerts.

• Serves as Bank Protection Officer.
• Deliver an Annual Security Report to the Board.
• Advise on security awareness and training curriculum.
• Champion security and resilience initiatives across the enterprise.
• Other duties as assigned.

• Minimum of 10 years of experience administering Information Security and Physical Security programs within the Financial Sector.
• Minimum of 5 years Mid to Large Bank security experience.
• Bachelor’s Degree preferred.
• Expert knowledge of risk management practices and regulatory expectations.
• Strong analytical reasoning, problem solving and critical thinking skills.
• Strong computer and organizational skills.
• Strong oral and written presentation skills.
• Ability to work independently with a multi-level team.
• Ability to multi-task and meet deadlines.
• Strong proficiency with Microsoft Office (Word, Excel, Outlook, etc.).

• Current Certified Information Systems Security Professional (CISSP).
• Current Certified in Risk and Information Systems Control (CRISC).
• ASIS Certified Protection Professional (CPP) or Physical Security Professional (PSP) preferred.

Because we recognize and reward hard work, we offer a competitive salary, a full benefits package, and the potential for a performance-based bonus.