Chief Information Security Officer

Position Overview

Security First Bank is seeking an experienced and strategic Chief Information Security Officer (CISO) to lead and mature the Bank’s enterprise-wide information security program. The CISO will safeguard the confidentiality, integrity, and availability of information systems and customer data while ensuring compliance with applicable regulatory requirements and alignment with the Bank’s business strategy. The role is responsible for establishing a comprehensive information security framework, overseeing cybersecurity risk management, and serving as a trusted advisor to executive management and the Board of Directors.

• Developing and executing the Bank’s information security strategy, policies, and governance framework
• Establishing, maintaining, and administering the Information Security Program in accordance with regulatory expectations and industry best practices
• Identifying, assessing, monitoring, and reporting information security and cybersecurity risks
• Overseeing incident response planning, testing, and execution, including coordination with internal and external stakeholders
• Ensuring compliance with applicable laws, regulations, and regulatory guidance, including FF1EC and GLBA requirements
• Leading information security awareness, training, and education initiatives for employees and management
• Partnering with Information Technology, Risk Management, Compliance, and Operations to integrate security controls into business processes
• Managing third‑party and vendor cybersecurity risk assessments
• Preparing and delivering periodic information security risk reports to executive management and the Board of Directors
• Evaluating and recommending security tools, technologies, and investments that align with the Bank's risk profile and strategic objectives

• Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field (required)
• Advanced degree and/or professional certifications such as CISSP, CISM, CRISC, or similar (preferred)
• Demonstrated experience leading information security programs within a regulated financial institution or comparable environment
• Strong working knowledge of cybersecurity frameworks, regulatory standards, and risk management principles
• Proven ability to clearly communicate complex security and risk concepts to executive leadership and the Board of Directors
• High integrity, sound judgment, and the ability to operate independently while collaborating effectively across the organization

Security First Bank offers a unique opportunity to serve in a critical leadership role within a community‑focused financial institution committed to integrity, customer trust, and operational excellence. We invest in our people and build resilient systems that support long‑term growth.

Security First Bank is an Equal Opportunity Employer, Minority / Female / Disabled / Veteran / Gender Identity / Sexual Orientation.