Director of Information Security

Job not on LinkedIn

June 20

🏄 California – Remote

Although this job is listed in California, this company may be open to hiring remote in other states.

💵 $140k - $200k / year

⏰ Full Time

🔴 Lead

👮‍♂️ Cybersecurity / Security Engineer

Apply Now

Receive Emails with Similar Jobs

River City Bank

WebsiteLinkedInAll Job Openings

Founded in 1973, River City Bank is California's premier business bank with assets of over $4.9 billion, River City Bank offers a comprehensive suite of banking services, including loans, deposits and cash management tools to the business, clean energy, and commercial real estate sectors. River City Bank is the largest, independent, locally-owned and managed bank in the Sacramento region with an office in the San Francisco Bay Area and a presence in Southern California.

51 - 200 employees

📋 Description

• The Director of Information Security is responsible for establishing and maintaining the overall information security program within the Bank. • The Director is responsible for providing leadership, strategic direction, and guidance to ensure the confidentiality, integrity, and availability of the Bank's information assets. • The Director oversees the development and implementation of information security policies, procedures, and controls and ensures compliance with industry regulations and standards. • Develops and implements a comprehensive information security program, including policies, procedures, and controls. • Monitors and urgently addresses current and emerging cybersecurity risks that pertain to the Bank and its customers. • Advises the Bank's Chief Risk Officer, IT Committee, and Senior Management in developing and implementing information technology safeguard strategies and controls to mitigate risks. • Conducts ongoing information security compliance monitoring and performs IT and customer information risk assessments for all areas of the Bank. • Manages enterprise-wide Business Continuity Planning (BCP), including establishing and validating policies and procedures to restore business-critical services of the Bank in the event of a disaster or event. • Works closely with and challenges the Director of Information Technology and the Chief Risk Officer to develop strategic plans and makes recommendations for significant information technology projects involving functional changes within the Bank. • Provides the Board with an annual assessment of the Bank's Information Security program in accordance with the Gramm Leach Bliley Act. • Assures audit compliance and procedure quality control through internal and external reviews, recommends and initiates corrective actions, and ensures system resources are in compliance with established Bank policies, procedures, and state and federal laws, rules and regulations. • Manages physical security policies, protocols, procedures, and systems. • Continuously monitors and assesses the information security team and resources to ensure the organization employs and develops top talent. • Performs personnel actions, including performance appraisals, disciplinary actions, and interviewing candidates for employment, and supervises the daily activities of the department, including, but not limited to, effective delegation of assignments, developing work schedules, and providing necessary training. • Fosters a culture of security awareness and accountability throughout the organization. • Supports Community Reinvestment Act (CRA) through business development efforts. • Actively participates in community organizations. • Maintains a current knowledge of bank regulations. • Ensures compliance with all Federal, State and Bank policies, procedures, and regulations.

🎯 Requirements

• Bachelor's degree in Computer Science, Information Technology, or a related field. • Extensive experience in information security management, including experience in a leadership or executive role. • Professional certifications such as ISACA-CISM, and/or ISC2-CISSP are required. • In-depth knowledge of information security frameworks, standards, and best practices. • Strong understanding and experience in implementing the guidelines of FFIEC IT Booklets. • Strong understanding of risk management principles and experience conducting risk assessments. • Demonstrated ability to develop and execute strategic plans and initiatives. • Strong leadership and people management skills, with the ability to build and develop a high-performing security team. • Up-to-date knowledge of emerging threats, vulnerabilities, and security technologies. • Ability to deal with complex problems involving multiple facets and variables in non-standardized situations.