The Security Executive Council
Chief Information Security Officer
The Security Executive Council, Palo Alto, California, United States, 94306
Overview
About the job
The Chief Information Security Officer (CISO) will be responsible for developing, implementing, and overseeing the enterprise-wide information security and cyber risk management strategy for TabaPay and its subsidiaries. The CISO will serve as the executive accountable for ensuring the confidentiality, integrity, and availability of critical information assets, systems, and infrastructure. This role requires close collaboration with business leaders, regulators, auditors, and technology partners to maintain compliance with banking and financial services security standards while enabling business growth.
Responsibilities
Strategic Leadership: Develop and lead the enterprise information security strategy aligned with the company’s business objectives and regulatory requirements. Advise executive leadership and the Board of Directors on emerging cyber threats, security posture, and risk mitigation priorities. Establish governance structures and policies to manage information and cyber risks across all subsidiaries and affiliates.
Risk Management & Compliance: Oversee the enterprise cyber risk management framework in coordination with Operational Risk, Compliance, and Audit teams. Ensure compliance with NIST, CISA, FFIEC, OCC, Federal Reserve, and other applicable regulatory requirements. Lead cybersecurity risk assessments, penetration testing, and incident simulations. Manage third-party/vendor risk assessments related to information security.
Security Operations: Provide second line of defense oversight and credible challenge of security operations, including monitoring, detection, response, and recovery from cybersecurity incidents. Ensure effective implementation of security controls for data, infrastructure, applications, and networks. Oversee identity and access management, vulnerability management, and data loss prevention programs. Establish and maintain incident response and disaster recovery capabilities.
Collaboration & Awareness: Partner with Technology, Risk, Compliance, and Business Unit leaders to embed security into products, services, and operations. Develop security training, awareness, and culture programs for employees and executives. Engage with regulators, law enforcement, and industry groups on cybersecurity issues.
Qualifications Education & Experience
Bachelor’s degree in Information Security, Computer Science, Risk Management, or related field (Master’s preferred).
15+ years of progressive experience in information security, risk, or technology roles, with at least 7 years in a senior leadership capacity within financial services or banking.
Deep knowledge of U.S. banking regulatory expectations, including GLBA, FFIEC Cybersecurity Assessment Tool, NIST CSF, ISO 27001, PCI DSS, and SOC frameworks.
Proven track record leading enterprise security programs in a complex, regulated environment.
Certifications (preferred)
CISSP, CISM, CISA, CRISC, or equivalent advanced information security certifications.
Skills & Competencies
Strong executive presence with the ability to communicate complex cyber risk issues clearly to the Board, regulators, and non-technical stakeholders.
Demonstrated ability to balance risk management with enabling business innovation.
Strong vendor management and contract negotiation skills.
Experience leading large security teams and developing future leaders.
Compensation The base pay for this position is $250,000, however, base pay offered may vary depending on job-related knowledge, skills, and experience. In addition to a full range of medical, financial, and/or other benefits, dependent on the position offered. This position is located in Palo Alto, CA and will require in office attendance 2x a week.
Benefits
100% employer-paid health care insurance including medical, dental, vision, and life insurance (for employee only)
Employer 401K Matching
Generous and Flexible PTO
We know how to fine-tune corporate security because we\'ve led effective and efficient Fortune 500-level security programs. The SEC helps businesses find the best balance of risk mitigation, cost and innovation.
#J-18808-Ljbffr
The Chief Information Security Officer (CISO) will be responsible for developing, implementing, and overseeing the enterprise-wide information security and cyber risk management strategy for TabaPay and its subsidiaries. The CISO will serve as the executive accountable for ensuring the confidentiality, integrity, and availability of critical information assets, systems, and infrastructure. This role requires close collaboration with business leaders, regulators, auditors, and technology partners to maintain compliance with banking and financial services security standards while enabling business growth.
Responsibilities
Strategic Leadership: Develop and lead the enterprise information security strategy aligned with the company’s business objectives and regulatory requirements. Advise executive leadership and the Board of Directors on emerging cyber threats, security posture, and risk mitigation priorities. Establish governance structures and policies to manage information and cyber risks across all subsidiaries and affiliates.
Risk Management & Compliance: Oversee the enterprise cyber risk management framework in coordination with Operational Risk, Compliance, and Audit teams. Ensure compliance with NIST, CISA, FFIEC, OCC, Federal Reserve, and other applicable regulatory requirements. Lead cybersecurity risk assessments, penetration testing, and incident simulations. Manage third-party/vendor risk assessments related to information security.
Security Operations: Provide second line of defense oversight and credible challenge of security operations, including monitoring, detection, response, and recovery from cybersecurity incidents. Ensure effective implementation of security controls for data, infrastructure, applications, and networks. Oversee identity and access management, vulnerability management, and data loss prevention programs. Establish and maintain incident response and disaster recovery capabilities.
Collaboration & Awareness: Partner with Technology, Risk, Compliance, and Business Unit leaders to embed security into products, services, and operations. Develop security training, awareness, and culture programs for employees and executives. Engage with regulators, law enforcement, and industry groups on cybersecurity issues.
Qualifications Education & Experience
Bachelor’s degree in Information Security, Computer Science, Risk Management, or related field (Master’s preferred).
15+ years of progressive experience in information security, risk, or technology roles, with at least 7 years in a senior leadership capacity within financial services or banking.
Deep knowledge of U.S. banking regulatory expectations, including GLBA, FFIEC Cybersecurity Assessment Tool, NIST CSF, ISO 27001, PCI DSS, and SOC frameworks.
Proven track record leading enterprise security programs in a complex, regulated environment.
Certifications (preferred)
CISSP, CISM, CISA, CRISC, or equivalent advanced information security certifications.
Skills & Competencies
Strong executive presence with the ability to communicate complex cyber risk issues clearly to the Board, regulators, and non-technical stakeholders.
Demonstrated ability to balance risk management with enabling business innovation.
Strong vendor management and contract negotiation skills.
Experience leading large security teams and developing future leaders.
Compensation The base pay for this position is $250,000, however, base pay offered may vary depending on job-related knowledge, skills, and experience. In addition to a full range of medical, financial, and/or other benefits, dependent on the position offered. This position is located in Palo Alto, CA and will require in office attendance 2x a week.
Benefits
100% employer-paid health care insurance including medical, dental, vision, and life insurance (for employee only)
Employer 401K Matching
Generous and Flexible PTO
We know how to fine-tune corporate security because we\'ve led effective and efficient Fortune 500-level security programs. The SEC helps businesses find the best balance of risk mitigation, cost and innovation.
#J-18808-Ljbffr