Returning Candidate?

VP of Information Security

VP of Information Security

Job ID 
2017-1989
Job Locations 
US-CA-San Diego
Job Type 
Regular Full-Time
Department 
Office of the CEO

More information about this job

Description:

BofI Federal Bank is one of the fastest growing banks in the nation. We are publicly traded (NASDAQ: BOFI), FDIC insured, Equal Housing Lender.

 

We rely on our employees’ collaborative creativity, intelligence, curiosity and innovation. We’re tech-savvy problem-solvers who are competitive and hungry for success.

 

The VP of Information Security will report directly to the CISO and contribute to and support the Bank's information security program.  The position collaborates primarily with the Information Technology area of the Bank.

 

Primary Responsibilities:

  • Study the FFIEC Cybersecurity Assessment (CAT) framework and assist with implementing and maintaining all controls
  • Coordinate / oversee the implementation and maintanance of advanced controls needed for the CAT specifically related to: 1) Threat Intelligence & Collaboration and 2) Cyber Incident Management and Resilience
  • Perform periodic oversight activities of information security controls found in the CAT and other standards
  • Maintain the Critical Security Controls spreadsheet and recommend projects needed for additional maturity
  • Self-test and / or coordinate third party testing on the Bank's information security controls
  • Identify risks within the environment and work with the control owners and management to find and implement solutions
  • Lead projects / tasks related to improving technical information security controls
  • Receive and review external information feeds to identify threats or control recommendations
  • Maintain the Bank's incident response plan
  • Enter and manage documentation for incident response events in an incident response system
  • Develop and / or lead incident response training activities delivered to multiple stakeholders on a periodic basis

Secondary Responsibilities:

  • Recommend, build and / or maintain information security policies, standards and / or procedures
  • Participate in a variety of Bank meetings / calls related to change management, architecture review, etc
  • Stay aware of information security control domains/categories and specific vendors that may provide them
  • Provide after-hours phone support for physical security alarm calls and events
  • Assist with operational activities related to physical security badges and information security controls like internet filtering

Key Skill Sets or Knowledge Requirements:

  • Strong verbal and written communication skills
  • Knowledge of multiple information security frameworks including FFIEC IT Handbooks, FFIEC Cybersecurity Assessment Tool (CAT), Center for Internet Security Top 20, ISO 27001/2
  • CISA, ​CISM, CISSP or equivalent experience

Desired Career Experience & Education Requirements:

  • ​​Previous information technology hands-on experience with desktop, server, network or other related infrastructure roles
  • Multiple years of information security hands-on and/or oversight experience
  • Familiar with risk assessment methodologies such as NIST 800-30
  • Banking or financial services background
  • Project management experience
  • 4-year college degree

Preferred:

  • Advanced degree

Job Functions & Work Environment:

 

While performing the duties of this position, the employee is required to sit for extended periods of time. Manual dexterity and coordination are required while operating standard office equipment such as computer keyboard and mouse, calculator, telephone, copiers, etc.

 

The work environment characteristics described here are representative of those an employee may encounter while performing the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position.

 

 

Equal Employment Opportunity:

 

BofI Federal Bank is an equal opportunity employer committed to creating a diverse workforce. We consider all qualified applicants without regard to race, religion, color, sex , gender identity and expression, sexual orientation, national origin, ancestry, citizenship status, uniform service member and veteran status, marital status, pregnancy, age, protected medical condition, genetic information, disability, or any other protected status in accordance with all applicable federal, state and local laws. Candidates must possess authorization to work in the United States.