×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Director, Bank Information Security

Job in Las Vegas, Clark County, Nevada, 89105, USA
Listing for: Affirm
Full Time position
Listed on 2026-02-16
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below
Position: Director, Affirm Bank Information Security

Overview

Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest. The Chief Information Security Officer (CISO) will serve as a key member of the Bank’s Executive Management Team and will be responsible for establishing and leading Bank’s information security and cybersecurity programs. As the Bank prepares to launch as a de novo Industrial Loan Company (ILC), the CISO will design and implement an enterprise-wide security framework that meets FDIC and state regulatory expectations, supports the Bank’s risk appetite, and protects customer and institutional data.

The CISO will lead the development of information security governance, technical controls, and third-party risk oversight, ensuring a strong and scalable security posture from inception through growth. This leader will collaborate closely with technology, risk, and operations teams to ensure security is integrated into every aspect of the Bank’s systems and operations.

What You’ll Do

  • Information Security Program Development
  • Design, implement, and maintain a comprehensive Information Security Program consistent with FDIC guidance (e.g., FIL-66-2019, FIL-13-2021) and the Interagency Guidelines Establishing Information Security Standards.
  • Develop and oversee policies, standards, and procedures governing cybersecurity, data protection, and incident response.
  • Ensure alignment with the Bank’s overall risk management and governance frameworks.
  • Provide regular reporting to executive management and the Board on the Bank’s security posture, emerging risks, and mitigation efforts.
  • Cybersecurity and Threat Management
  • Establish and manage a threat monitoring and detection capability to identify, assess, and respond to cybersecurity risks.
  • Oversee implementation of layered security controls (e.g., network segmentation, encryption, access controls, endpoint protection, vulnerability management).
  • Lead the Bank’s Incident Response Program, ensuring timely escalation and coordination with regulators when required.
  • Maintain relationships with information-sharing groups (e.g., FS-ISAC) and law enforcement to stay informed of emerging threats.
  • Third-Party and Affiliate Risk Oversight
  • Evaluate the information security posture of third-party and affiliate service providers in accordance with the Bank’s Vendor Management Program and FDIC third-party risk guidance.
  • Establish due diligence, ongoing monitoring, and contractual requirements for vendors handling sensitive data or performing critical services.
  • Coordinate with Operations, Compliance, and Internal Audit to ensure third-party risks are identified, assessed, and mitigated.
  • Data Governance and Privacy Protection
  • Ensure compliance with applicable privacy and data protection requirements (e.g., GLBA, Regulation P, state privacy laws).
  • Implement processes to safeguard customer information and prevent unauthorized access, disclosure, or misuse.
  • Partner with business and technology teams to integrate privacy-by-design principles into new products and services.
  • Business Continuity and Resilience
  • Lead development and testing of the Bank’s Business Continuity and Disaster Recovery (BC/DR) plans, ensuring they are integrated with information security objectives.
  • Coordinate regular testing and simulations to validate readiness for cyber incidents and system disruptions.
  • Support resilience planning for key systems, vendors, and communication protocols.
  • De Novo and Pre-Opening Readiness
  • Build and document the Bank’s information security program as part of the de novo application process.
  • Establish security architecture, monitoring tools, and vendor relationships prior to launch.
  • Prepare readiness materials for FDIC and state examinations related to cybersecurity and operational resilience.
  • Ensure security risk assessments and third-party reviews are completed and incorporated into pre-opening milestones.
  • Leadership and Culture
  • Serve as the Bank’s senior advocate for cybersecurity and data protection, promoting a culture of security awareness and accountability.
  • Provide training and guidance across the organization to enhance…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search