Chief Information Security Officer; CISO

The Chief Information Security Officer (CISO) is responsible for developing, implementing, and overseeing the bank's comprehensive cybersecurity strategy, ensuring compliance with industry regulations, and mitigating risks associated with financial operations. As a key member of the leadership team, the CISO will align security initiatives with business objectives while fostering a culture of security awareness across the organization.

• Develop and execute the bank’s information security strategy, ensuring alignment with business goals and regulatory compliance (e.g., FFIEC, PCI-DSS, GLBA).
• Lead cybersecurity risk management efforts, conducting assessments and establishing risk mitigation protocols.
• Oversee security architecture, threat detection, and incident response programs to protect financial and customer data.
• Ensure compliance with federal and state banking regulations, including active engagement with the Office of the Comptroller of the Currency (OCC) and other regulatory bodies.
• Serve as the primary liaison for cybersecurity audits, examinations, and regulatory reporting, maintaining strong relationships with financial regulators.
• Collaborate with IT, risk management, and operations teams to integrate security measures into infrastructure and processes.
• Drive security awareness training programs for employees to strengthen the organization's cyber resilience.
• Lead security governance initiatives, reporting to executive leadership on risk posture and incident response readiness.
• Stay ahead of evolving cyber threats, emerging technologies, and industry trends to continuously refine security strategies.
• Manage security budgets, vendor contracts, and compliance frameworks to optimize security investments.

• 10+ years of experience in cybersecurity, with 5+ years in a leadership role, ideally within banking or financial services.
• Proven expertise in cyber risk management, compliance, and regulatory frameworks specific to financial institutions.
• Direct experience working with financial regulators, including OCC, FDIC, and state banking commissions, with a strong track record of managing regulatory examinations and audit responses.
• Strong knowledge of security technologies, including SIEM, IAM, SOC operations, and cloud security.
• Certifications such as CISSP, CISM, or CCISO are highly preferred.
• Experience managing incident response, penetration testing, and vulnerability assessments.
• Exceptional leadership, communication, and strategic decision-making skills.