Chief Information Security Officer

Job Description

Chief Information Security Officer, XD Bank

Summary:

The Chief Information Security Officer (CISO) is responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. The CISO will lead the development and implementation of security policies, procedures, and practices to safeguard sensitive data, ensure regulatory compliance, and support the banking and secure growth of cryptocurrency and digital asset products. This role will oversee the organization’s overall information security posture, with specific responsibility for protecting the bank’s operations and digital asset products.

Essential Job Duties & Responsibilities (Include but are not limited to):

Responsible for the management, development and implementation of global security policies, standards, guidelines and procedures to ensure ongoing maintenance of Information Security for XD Bank within the traditional banking platform and digital asset products.

Direct the focus of the company in identifying, developing, implementing, and maintaining security processes, practices, and policies throughout the organization to reduce risks, respond to incidents, and limit exposure and liability in all areas of information, financial, physical, personal, and reputational risk.

Creates and defines strategic information security plans with a vision for the future of Information Security for XD Bank. Responsible for implementing and monitoring said security plans and policies.

Lead efforts to assess and manage risks related to cybersecurity, blockchain security, data privacy, business continuity, and IT compliance. Oversee the security of systems supporting digital asset custody, trading, lending, and wallet technologies. Coordinate blockchain-specific threat detection and incident response processes across product lines. Define and maintain the organization’s security architecture, including blockchain nodes, APIs, smart contracts, and cryptographic key management systems.

Responsible for the successful completion of all Information Security audits by assisting in the audit process and providing the needed information and documentation to the auditors and senior management.

Research and evaluate new and emerging products and technologies, and deploy state-of-the art technology solutions and innovative security management techniques to safeguard the organization’s assets, including intellectual property. Establishes appropriate standards and associated risk controls to protect these assets.

Perform internal audits to help the Information Technology department find exposures. Based on this understanding, suggest appropriate information security solutions that uniquely protect these activities and assets. Performs periodic security scans of the network and network systems. Advises administrators of vulnerable systems to ensure that systems are properly patched and protected by monitoring the remediation of these networks and network systems.

Formulates and implements security designs. Including but not limited to: firewall deployment, authentication systems, authorization systems, intrusion detection, intrusion prevention, encryption, network monitoring, flow analysis, system integrity, risk analysis, DoS mitigation strategies and other proactive security measures.

Oversee the investigation of security breaches and assist with disciplinary and legal matters associated with such breaches as necessary. Coordinates computer incident response efforts, including investigation, evidence gathering, recovery assessment, and ISERT notifications.

Evangelize security within XD by developing content and materials for the User Information Assurance training program. Delivers training classes and workshops on computer security-related topics on a periodic basis.

Track security patches and incidents, distribute relevant information to IT staff. Advises departments on current best practices related to security and makes on-site visits when necessary.

Maintain relationships with local, state and federal law enforcement and other related government agencies.

Work with outside consultants as appropriate for independent security audits.

Responsible for designing, maintaining and operating the XD data and telecommunications network systems.

Responsible for interconnecting local and wide area networks throughout the Beal organization, providing the communication infrastructure for voice, and data transport.

Responsible for the leadership and daily directives of the Network & Security Team.

Responsible for designing, maintaining and operating the XD data and telecommunications network systems.

Responsible for physical security planning and the development of physical security programs with in XD and its subsidiaries.

Function effectively in time sensitive situations as well as present ideas and plans in an open forum.

Formulates, develops, and implements integrated network architectures for XD and its subsidiaries. Develops standards for computer and network systems, to include standards for wiring, equipment, system security, and routing protocol.

Provide planning, leadership, direction, and advanced technical expertise regarding computer and network services for both local and wide area networks, and the worldwide Internet. Serves as high-level technical expert in regards to computer/network systems and associated issues.

Serves as primary point of contact and liaison with vendors; reviews vendor products, and coordinates and facilitates vendor interviews and presentations.

Negotiates exact technical requirements with vendors; establishes contracts, and writes technical contract specifications and proposals.

Maintains a broad knowledge of current and emerging state-of-the-art computer/network systems technologies, architectures, and products.

Responsible for ancillary but related security systems and programs such as, Web Filtering, VPN, RFID, Building Access Control, Video surveillance and control, off Duty Policy Security Force, Intrusion Prevention, and Wireless Defense.

Qualifications (Education, Experience, Computer Skills, Certifications, Etc.):

BA or BS or equivalent, Masters preferred.

15 or more years of progressive IT management experience within banking. Digital assets experience a plus.

Strong people management skills.

Strategic cybersecurity leadership in a banking environment

Crisis and incident response management

Regulatory and compliance acumen (especially BSA/AML and data privacy)

Excellent communication and stakeholder engagement

Team building and cross-functional collaboration

An in-depth knowledge of existing technology to address our customers’ needs.

Strong knowledge of the new technologies emerging in the financial data processing industry.

Strong organizational and problem-solving skills.

Adaptability to client and industry needs.

Strong written, verbal, and non-verbal communication skills.

The ability to envision new or existing applications and/or enhancements and their impact on the Company’s position within the financial services industry.

Benefits options include:

Medical, dental and vision coverage

401K with company match

10 paid holidays

Accrue up to 17 vacation/sick days per year in your first year on a pro rata basis

Applicant may be eligible for annual discretionary bonus

No relocation assistance provided.

If you are looking to be a part of a winning team and meet the above requirements, we look forward to hearing from you.

XD Bank and their affiliates are Equal Opportunity Employers. XD Bank and their affiliates do not discriminate against any candidate or employee on the basis of race, national origin, color, genetics, sex, marital status, sexual orientation, gender identity, age, disability, pregnancy, religion or religious affiliation, veteran or service member status, or any other characteristic protected by federal, state or local laws.

All applicants have rights under federal employment laws. To view your rights and government notices on the Family Medical Leave Act (FMLA), the Equal Employment Opportunity (EEO) and the Employee Polygraph Projection Act (EPPA), please see the following Department of Labor links: FMLA EEO EPPA

Notice to California Residents: XD Bank and their affiliates may collect personal information about you as part of the job application or employment process. Please see the California Privacy Rights Act Policies at CPRA Policy, CPRA Policy CLMG Corp, CPRA CSG Investments CPRA Policy for details.

Full-time