Deputy Chief Information Security Officer

Job Summary

Owning the bank-entity scope of the 2LOD Information Security program, the full-time Deputy Chief Information Security Officer will manage governance, policy, risk oversight, and examiner readiness while engaging directly with regulatory bodies and internal stakeholders.

Key responsibilities

• Oversee the governance and policy framework for the bank-entity 2LOD Information Security program
• Manage examiner interactions and ensure the program is consistently prepared for OCC, FFIEC, and other regulatory inquiries
• Lead remediation efforts for identified FFIEC IT control deficiencies to ensure charter readiness

Required qualifications

• 8+ years in Information Security, including 3+ years within a regulated bank or trust bank environment
• Deep fluency in FFIEC and OCC regulations, including the FFIEC IT Examination Handbook
• Experience in direct interactions with examiners from OCC, FDIC, or Federal Reserve
• Proficiency in drafting board-ratifiable policies and operational standards
• Understanding of the three-lines-of-defense model and experience in an oversight role