Chief Information Security Officer

The Chief Information Security Officer is responsible for oversight of the Information Security Department. This position is also responsible for the execution of the Bank’s Information Security, and Physical Security.

RESPONSIBILITIES

• Develop, implement and monitor a strategic, comprehensive enterprise Information Security program to ensure the integrity, confidentiality and availability of data. Document and maintain a risk assessment framework covering information and physical security, data governance and business continuity. Develop and maintain Information Security policies, standards and guidelines. Oversee the approval, training, and dissemination of security policies, standards and guidelines.
• Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action. Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation.
• Partner with the Enterprise Risk Management to define standards and processes and provide subject-matter expertise to oversee vendor Information Security risk and inform periodic audits of third-party service providers' Information Security and business continuity controls. Provide regular and consistent reporting on the current status of the Information Security program to enterprise risk teams, senior business leaders and the board of directors as part of the strategic enterprise risk management program.
• Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls. Define and facilitate the Information Security risk assessment process, including the reporting and oversight of treatment efforts to address findings. Develop and manage Information Security budgets and monitor them for variances.

QUALIFICATIONS

• 10+ years’ experience in banking regulatory compliance or similar work experience in compliance or risk management.
• Extensive knowledge of privacy and data protection laws, regulations and best practices, including GLBA; GRC tools and implementation; data breach handling and cross-border data transfer requirements and industry standards/frameworks (NIST, ISO27k, COBIT 5, FFIEC).
• Strong presentation and written communication skills and the ability to analyze and make effective, business- centric recommendations to business leaders and senior management.
• Experienced developing a comprehensive security program, including risk assessment framework. Security certification CISM, CISSP, or equivalent.
• Must be able to sit at one of the following locations: Irvine CA, Denver CO or Dallas TX. 

A seasoned, experienced leader with a full understanding of Information Security and Data Privacy providing leadership and solutions to a wide range of situations. Responsible for the Information Security Department which is responsible for the adherence to the required privacy and Information Security compliance program activities including data classification, privacy impact assessments, product and service risk assessments, vendor due diligence, data management and protection, and meeting compliance program operational needs. As part of this program, document and maintain a risk assessment framework covering both information and physical security, and leverage such risk assessment to support prioritization of enhancements required. Partner with the Enterprise Risk Management to define standards and processes and provide subject-matter expertise to oversee vendor Information Security risk and inform periodic audits of third-party service providers' Information Security. Responsible for the development and management of Information Security budgets and the strategic direction of future security related projects. Responsible for the creation and management of security metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increate the maturity of the security program.

A reasonable, good faith estimate of the minimum and maximum base salary or pay for this position is $222,814.80 to $371,358.00. Actual compensation will vary based on various factors including but not limited to location, experience, and performance.  A discretionary bonus and/or business line incentive may be provided, in addition to a medical and other benefits, dependent on the position.  For more information regarding our benefits, please visit https://www.ppbi.com/careers.html

#LI-Onsite 

#Irvine-CA #Denver-CO #Dallas-TX