Information Security Officer (Remote)

1st Financial Bank USA (1FBUSA), focuses on establishing and maintaining credit card relationships on a nationwide basis to the U.S. college and graduate student market and is currently hiring for an Information Security Officer.

Title:Information Security Officer

Location:Remote position for NE residence

Job Overview:

The Information Security Officer has primary responsibility for oversight of the Bank’s Information Security Program, focusing on operational management, ongoing risk assessments, regulatory compliance, and board-level reporting. This includes chairing the Information Security Committee, providing clear and concise reports to executive leadership, and maintaining a cohesive security posture enterprise wide. While a vCISO service provides strategic design and establishment of the overarching security framework, the Information Security Officer ensures it is effectively implemented and continuously refined to address emerging threats, meet regulatory expectations, and align with the organization’s risk tolerance.

Job Responsibilities:

1.Oversee the Information Security Program

oProvide operational oversight for the Bank’s security controls, policies, and procedures.

oContinuously monitor program effectiveness, identifying gaps or areas for improvement and collaborating with internal teams to address them.

2.Chair the Information Security Committee

oSchedule, facilitate, and document all committee meetings, ensuring key stakeholders stay informed about threats, regulatory changes, policy and security initiatives.

oTrack open issues, ensure timely resolution and clear lines of accountability.

3.Risk Assessment & Management

oConduct ongoing risk assessments to identify and evaluate threats, vulnerabilities, and gaps in current controls, coordinate remediation efforts in collaboration with relevant stakeholders.

oMaintain documentation of mitigation activities, ensuring alignment with the Board of Director’s overall risk appetite.

4.Board & Executive Reporting

oPrepare and deliver regular reports to executives and the Board of Directors, highlighting critical risks, security incidents, and progress on key initiatives.

oTranslate technical security findings into actionable insights and recommendations for senior decision-makers.

5.Policy & Procedure Administration

oManage the development, review, and maintenance of the Bank’s information security policies and procedures, ensuring they meet FDIC, FFIEC, GLBA, and other applicable regulatory requirements.

oCommunicate policy updates effectively across departments, ensuring understanding and consistent adoption.

6.Regulatory Compliance & Audit Coordination

oServe as the Bank’s primary liaison for information-security-related audits and examinations.

oCoordinate the preparation of required documentation and responses, working cross-functionally to address any findings or recommendations issued by regulators or auditors.

7.Incident Coordination & Response

oOversee incident response efforts in collaboration with relevant internal teams; ensure incidents are managed efficiently, escalated as needed, and fully documented.

oInterface with the vCISO or external forensic/legal experts when complex or high-severity incidents require strategic guidance or specialized support.

8.Security Awareness & Training

oDevelop, deliver, and continually refine the Bank’s security awareness and training programs, ensuring employees understand their role in protecting data and maintaining compliance.

9.Third-Party Oversight

oManage relationships with external security vendors and managed service providers, ensuring that day-to-day services meet agreed-upon standards and contribute to the Bank’s risk mitigation goals.

oReview security-related vendor performance and help negotiate relevant contracts, in coordination with the vCISO or other stakeholders as appropriate.

10.Collaboration with vCISO Service

oMaintain a close working relationship with the vCISO to align strategic priorities, share risk assessment outcomes, and ensure the Bank’s operational security efforts remain in sync with the broader program design.

oProvide input and feedback on any recommended framework updates or strategic adjustments.

11.Other Duties as Assigned

oUndertake additional responsibilities to bolster the Bank’s security posture and ensure continued alignment with evolving regulatory and industry standards.

Qualifications:

Education:

• Bachelor’s degree (or equivalent experience) in Information Security, Computer Science, or a data security discipline.

Experience:

• Minimum of four years in a regulated financial environment with security and IT responsibilities.
• Demonstrable experience managing an information security program in a banking or financial institution context.
• Familiarity with FDIC, FFIEC, GLBA, and other relevant regulations, as well as a working knowledge of security frameworks (NIST preferred).

Technical & Regulatory Knowledge

• Solid understanding of security operations, regulatory expectations, and risk management methodologies.
• Knowledge of common security tools and practices used to identify, monitor, and mitigate threats.

Skills & Competencies

• Leadership & Coordination: Proven ability to chair committees, lead cross-functional teams, and manage complex initiatives.
• Risk & Compliance Mindset: Skilled at identifying operational security risks, implementing mitigation plans, and monitoring progress under regulatory constraints.
• Communication: Adept at translating technical findings into executive- and board-level insights; comfortable delivering presentations and written reports.
• Collaboration: Experienced in working with external providers (e.g., vCISO) and internal teams to ensure seamless integration of strategic directives and day-to-day practices.

We provide a highly competitive and comprehensive compensation and benefits program including affordable medical/dental/vision insurance, generous paid leave program, 401(k), health savings account, tuition reimbursement, financial childcare assistance and much more!

1st Financial Bank USA is an equal opportunity and affirmative action employer.

All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status.

1st Financial Bank USA participates in E-Verify

E-Verify Right to Work Poster (justice.gov)

Added to system:3/5/25 8:07 AMLast updated:4/3/25 4:19 PM