Director, Affirm Bank Information Security

Remote möglichQuellanzeige geprüftBewerbung ohne Konto
Jetzt bewerben bei Dormont Manufacturing Co Sichere Bewerbung über StudySmarter
GEPRÜFTE QUELLE

Aktuelle Original-Stellenanzeige

Quelle: StudySmarter Stellenbestand · Status: aktiv · Bewerbung über das zentrale StudySmarter-Formular.

Aus der Stellenanzeige

Die ganze Ausschreibung von Dormont Manufacturing Co

Automatisch strukturiert · Originaltext unformatiert geliefert

Das ist der Job

Ensure alignment with the Bank’s overall risk management and governance frameworks.

Darum lohnt es sich

The Chief Information Security Officer (CISO) will serve as a key member of the Bank’s Executive Management Team and will be responsible for establishing and leading Bank’s information security and cybersecurity programs.

This leader will collaborate closely with technology, risk, and operations teams to ensure security is integrated into every aspect of the Bank’s systems and operations. Partner with business and technology teams to integrate privacy‑by‑design principles into new products and services.

Build and lead a capable, mission‑driven security team to support the Bank’s evolving needs. Compensation & Benefits Base Pay Grade - T Equity Grade - 14 Employees new to Affim typically come in at the start of the pay range.

Base pay is part of a total compensation package that may include monthly stipends for health, wellness and tech spending, and benefits (including 100% subsidized medical coverage, dental and vision for you and your dependents). We’re extremely proud to offer competitive benefits that are anchored to our core value of people come first.

Some key highlights of our benefits package include: Health care coverage – Affim covers all premiums for all levels of coverage for you and your dependents Flexible Spending Wallets – generous stipends for spending on Technology, Food, various Lifestyle needs, and family forming expenses Time off – competitive vacation and holiday schedules allowing you to take time off to rest and recharge ESPP – An employee stock purchase plan enabling you to buy shares of Affim at a discount We believe It’s On Us to provide an inclusive interview experience for all, including people with disabilities.

Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest.

As the Bank prepares to launch as a de novo Industrial Loan Company (ILC), the CISO will design and implement an enterprise-wide security framework that meets FDIC and state regulatory expectations, supports the Bank’s risk appetite, and protects customer and institutional data.

The CISO will lead the development of information security governance, technical controls, and third‑party risk oversight, ensuring a strong and scalable security posture from inception through growth.

What You’ll Do Information Security Program Development Design, implement, and maintain a comprehensive Information Security Program consistent with FDIC guidance (e.g., FIL‑66‑2019, FIL‑13‑2021) and the Interagency Guidelines Establishing Information Security Standards.

Develop and oversee policies, standards, and procedures governing cybersecurity, data protection, and incident response. Provide regular reporting to executive management and the Board on the Bank’s security posture, emerging risks, and mitigation efforts.

Cybersecurity and Threat Management Establish and manage a threat monitoring and detection capability to identify, assess, and respond to cybersecurity risks. Oversee implementation of layered security controls (e.g., network segmentation, encryption, access controls, endpoint protection, vulnerability management).

Lead the Bank’s Incident Response Program, ensuring timely escalation and coordination with regulators when required. Maintain relationships with information‑sharing groups (e.g., FS‑ISAC) and law enforcement to stay informed of emerging threats.

Third‑Party and Affiliate Risk Oversight Evaluate the information security posture of third‑party and affiliate service providers in accordance with the Bank’s Vendor Management Program and FDIC third‑party risk guidance.

Establish due diligence, ongoing monitoring, and contractual requirements for vendors handling sensitive data or performing critical services. Coordinate with Operations, Compliance, and Internal Audit to ensure third‑party risks are identified, assessed, and mitigated.

Data Governance and Privacy Protection Ensure compliance with applicable privacy and data protection requirements (e.g., GLBA, Regulation P, state privacy laws). Implement processes to safeguard customer information and prevent unauthorized access, disclosure, or misuse.

Business Continuity and Resilience Lead development and testing of the Bank’s Business Continuity and Disaster Recovery (BC/DR) plans, ensuring they are integrated with information security objectives. Coordinate regular testing and simulations to validate readiness for cyber incidents and system disruptions.

Support resilience planning for key systems, vendors, and communication protocols. De Novo and Pre‑Opening Readiness Build and document the Bank’s information security program as part of the de novo application process. Establish security architecture, monitoring tools, and vendor relationships prior to launch.

Prepare readiness materials for FDIC and state examinations related to cybersecurity and operational resilience. Ensure security risk assessments and third‑party reviews are completed and incorporated into pre‑opening milestones.

Leadership and Culture Serve as the Bank’s senior advocate for cybersecurity and data protection, promoting a culture of security awareness and accountability. Provide training and guidance across the organization to enhance information security awareness.

Collaborate with peers in Risk, Compliance, Operations, and Technology to align security priorities with business strategy. What We Look For Minimum of 10 years of information security and technology risk management experience, with at least 5 years in a leadership capacity at a regulated financial institution or Fintech.

Demonstrated experience designing and implementing information security programs compliant with FDIC and FFIEC standards. Strong familiarity with third‑party risk frameworks and financial services cybersecurity expectations. Experience leading incident response, penetration testing, and security operations in cloud‑based and hybrid environments.

Proven ability to communicate complex technical topics to executive leadership, the Board, and regulators. Strong leadership, analytical, and problem‑solving skills with a risk‑based and pragmatic approach to decision‑making. Core Competencies Expert knowledge of information security principles, frameworks, and regulatory requirements.

Strategic thinker with strong operational execution and control discipline. Effective communicator capable of influencing across technical and business functions. Collaborative leader who fosters a culture of accountability, awareness, and continuous improvement.

Affim focuses on providing a simple and transparent pay structure which is based on a variety of factors, including location, experience and job‑related skills. In addition, the employees may be eligible for equity rewards offered by Affim Holdings, Inc. (parent company).

USA Pacific base pay range (CA, WA, NY, NJ, CT) per year: $300,000 - $360,000 USA Sapphire base pay range (all other U.S. states) per year: $267,000 - $327,000 Please note that visa sponsorship is not available for this position. Affim is proud to be a remote‑first company!

The majority of our roles are remote and you can work almost anywhere within the country of employment. Affims in proximal roles have the flexibility to work remotely, but will occasionally be required to work out of their assigned Affim office. A limited number of roles remain office‑based due to the nature of their job responsibilities.

We are happy to provide reasonable accommodations to candidates in need of individualized support during the hiring process. (For U.S. positions that could be performed in Los Angeles or San Francisco) Pursuant to the San Francisco Fair Chance Ordinance and Los Angeles Fair Chance Initiative for Hiring Ordinance, Affim will consider for employment qualified applicants with arrest and conviction records. #J-18808-Ljbffr

Bereit?

Bewerbung wird direkt an Dormont Manufacturing Co uebergeben - kein Konto noetig.

Jetzt bewerben
Weitere Stellen bei diesem Arbeitgeber

Dormont Manufacturing Co hat 10 weitere offene Stellen:

Alle 11 Stellen bei Dormont Manufacturing Co ansehen →
Ähnliche Stellen

Wenn dir dieser Job gefällt, schau dir auch an:

Weiter stöbern:

Kostenfrei starten

Jetzt bewerben