SVP, Deputy Information Security Officer
Job Locations: US-CA-Santa Ana
ID: 2024-3647
Category: Operations/Asset Mgmt/Products Group
Type: Regular Full-Time
Overview
Banc of California, Inc. (NYSE: BANC) is a bank holding company headquartered in Los Angeles with one wholly-owned banking subsidiary, Banc of California (the “bank”). Banc of California is one of the nation’s premier relationship-based business banks focused on providing banking and treasury management services to small-, middle-market, and venture-backed businesses. Banc of California offers a broad range of loan and deposit products and services through more than 70 full-service branches throughout California and in Denver, Colorado, and Durham, North Carolina, as well as full-stack payment processing solutions through its subsidiary, Deepstack Technologies. The bank is committed to its local communities by supporting organizations that provide financial literacy and job training, small business support, affordable housing, and more.
Job Summary
Responsible for overseeing all aspects of information security operations, information security programs/projects, information security & technology risk assessments, vendor security reviews, and information security reporting. Performs all duties in accordance with the company’s policies and procedures, all U.S. state and federal laws and regulations, wherein the company operates.
Responsibilities
Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support information security goals and objectives to reduce overall organizational risk. Forecast ongoing service demands and ensure that security assumptions are reviewed as necessary. Advise senior management on cost/benefit analysis of information security programs, policies, processes, systems, and elements.
Provide continuous monitoring of the security landscape so that possible security threats are identified and actioned appropriately. Supervise or manage the governance, risk and compliance function for protective, preventative or corrective measures when a cybersecurity incident or vulnerability is discovered.
Collect and maintain data needed to meet system cybersecurity reporting. Advise senior management on risk levels and security posture. Advise appropriate senior leadership of changes affecting the organization's cybersecurity posture.
Establish enterprise information security architecture (EISA) with the organization’s overall security strategy. Ensure that protection and detection capabilities are acquired or developed using the IS security engineering approach and are consistent with organization-level cybersecurity architecture. Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed.
Monitor and evaluate the effectiveness of the enterprise's cybersecurity safeguards to ensure that they provide the intended level of protection. Manage threat or target analysis of cyber defense information and production of threat information within the enterprise.
Define and/or implement policies and procedures to ensure protection of critical infrastructure as appropriate. Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance.
Collaborate with stakeholders to establish the enterprise continuity of operations program, strategy, and mission assurance. Ensure that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s). Participate in the development or modification of the computer environment cybersecurity program plans and requirements. Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations.
Oversee information security risk assessments and track self-identified and Internal Audit findings to ensure that appropriate mitigation actions are taken. Ensure that cybersecurity inspections, tests, and reviews are coordinated for the network environment. Ensure that security improvement actions are evaluated, validated, and implemented as required. Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
Interface with external organizations (e.g., public affairs, law enforcement, Command or Component Inspector General) to ensure appropriate and accurate dissemination of incident and other Computer Network Defense information.
Treats people with respect; keeps commitments; inspires the trust of others; works ethically and with integrity; upholds organizational values; accepts responsibility for own actions.
Follows policies and procedures; completes tasks correctly and on time; supports the company’s goals and values.
Demonstrates knowledge of and adherence to EEO policy; shows respect and sensitivity for cultural differences; educates others on the value of diversity; promotes working environment free of harassment of any type; builds a diverse workforce and supports affirmative action.
Performs the position safely, without endangering the health or safety of themselves or others, and will be expected to report potentially unsafe conditions. The employee shall comply with occupational safety and health standards and all rules, regulations and orders issued pursuant to the OSHA Act of 1970, which are applicable to one’s own actions and conduct.
Performs other duties and projects as assigned.
Banc of California is an equal opportunity employer committed to creating a diverse workforce. All qualified applicants will receive consideration for employment without regard to age (40 and over), ancestry, color, religious creed (including religious dress and grooming practices), denial of Family and Medical Care Leave, disability (mental and physical) including HIV and AIDS, marital status, medical condition (cancer and genetic characteristics), genetic information, military and veteran status, national origin (including language use restrictions), race, sex (which includes pregnancy, childbirth, breastfeeding and medical conditions related to pregnancy, childbirth or breastfeeding), gender, gender identity, gender expression, and sexual orientation. If you require reasonable accommodation as part of the application process please contact Talent Acquisition Partner.
Qualifications
Demonstrates knowledge of, adherence to, monitoring and responsibility for compliance with state and federal regulations and laws as they pertain to this position including but not limited to the following: Regulation Z (Truth in Lending Act), Regulation B (Equal Credit Opportunity Act), Fair Housing Act (FHA), Home Mortgage Disclosure Act (HMDA), Real Estate Settlement Procedures Act (RESPA), Fair Credit Reporting Act (FCRA), Bank Secrecy Act (BSA) in conjunction with the USA PATRIOT Act, Anti-Money Laundering (AML) and Customer Information Program (CIP), Right to Financial Privacy Act (RFPA, state and federal) and Community Reinvestment Act (CRA).
Laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
Cybersecurity and privacy principles.
Information security program management and project management principles and techniques.
Risk management frameworks (RMF) and supporting processes.
Industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities.
Computer networking concepts and protocols, and network security methodologies.
Host/network access control mechanisms (e.g., access control list, capabilities lists).
Intrusion detection methodologies and techniques for host and network-based intrusions.
Cybersecurity and privacy principles related to the use, processing, storage, and transmission of information or data.
System and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
Incident response and handling methodologies.
Cyber threats and vulnerability information dissemination sources (e.g., alerts, advisories, bulletins).
Bachelor’s degree in Computer Science, Information Systems, Cyber Security, or other quantitative fields and a minimum of 7+ years of related experience and/or training.
Prior banking and/or financial services background a plus.
Salary Range: $174,894.72 - 233,201.28 USD; Final salary to be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, and alignment with geographic/market data.