Senior Information Security & Governance Officer (SISO)

Crown Universal

Costa Mesa, CA, USA

Published: 6/14/2022

Technology

Full Time

Job Description

About the Role
A leading, well-established financial institution in Southern California is seeking a Senior Information Security Officer (SISO) to lead the development, implementation, and oversight of the organization’s information security program. This strategic role ensures that member data, core systems, and critical IT infrastructure are protected in compliance with regulatory requirements and industry best practices.

The SISO will work cross-functionally with IT, Risk, Legal, and Operations teams and report into senior leadership. The ideal candidate brings a blend of technical security knowledge, governance experience, and strong vendor and risk management skills within a regulated financial services environment.

Key Responsibilities

Develop, maintain, and enforce the enterprise-wide Information Security Program.
Monitor compliance with FFIEC, NCUA, GLBA, and NIST frameworks.
Oversee risk assessments, vulnerability scans, and penetration testing activities.
Serve as the primary point of contact for external auditors, examiners, and internal compliance related to information security.
Lead third-party risk management processes, including security reviews of vendors and contract oversight.
Collaborate with IT and business units to ensure secure system configurations and incident response preparedness.
Evaluate new and existing security tools, manage budgets, and oversee vendor relationships related to cybersecurity solutions.
Draft, implement, and maintain security policies, procedures, and incident response plans.
Educate employees on security awareness and coordinate regular training and phishing simulations.
Stay current on emerging cyber threats and maintain readiness against new vulnerabilities.

Required Qualifications

Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field.
10+ years of experience in information security, including 3+ years in a leadership or governance role.
Strong knowledge of cybersecurity frameworks and standards (FFIEC, NIST, GLBA, ISO 27001).
Experience in a bank, credit union, or other regulated financial institution required.
Demonstrated success managing vendors, security audits, and compliance examinations.
Familiarity with risk management tools, SIEM systems, and vulnerability management platforms.
Professional certifications such as CISSP, CISM, CRISC, or similar are strongly preferred.

Preferred Skills

Experience working with Symitar, Jack Henry, or other core banking systems.
Knowledge of incident response planning, tabletop exercises, and disaster recovery protocols.
Ability to work independently and communicate clearly with non-technical stakeholders.

Company DescriptionAt Crown Universal, we are dedicated to delivering exceptional service that meets the unique needs of our clients, ensuring meticulous attention to detail in every task we undertake. We are working closely with one of our partner organizations in Costa Mesa to find their next top hire.

Company Description

At Crown Universal, we are dedicated to delivering exceptional service that meets the unique needs of our clients, ensuring meticulous attention to detail in every task we undertake. We are working closely with one of our partner organizations in Costa Mesa to find their next top hire.