Chief Information Security Officer
Credit One Bank, N.A. is a technology and data-driven financial services company offering a full range of consumer credit card products. As one of the largest credit card banks in the United States, Credit One Bank issues Visa®, Mastercard®, and American Express® products, as well as the Official Credit Card of NASCAR® and the Vegas Golden Knights. Credit One Bank is also the official credit card partner of the Raiders and Las Vegas Aviators. Learn more at CreditOneBank.com and connect with us @CreditOneBank on Facebook, Instagram, Twitter, YouTube, and LinkedIn.
We are looking for highly qualified professionals at our state-of-the-art, corporate headquarters in Las Vegas, NV. In addition to providing our card members with superior value and service, we are dedicated to providing engaging and challenging career opportunities for our employees. As a member of the Credit One Bank team, we’ll help you be your best and support you so you can reach your full potential.
Ensuring security of millions of card members is our most important priority. The CISO balances this against the need to innovate and advance business capabilities, and is an enabler and trusted partner for various business and department leaders.
Overall accountability to develop, implement, and maintain the information and cyber security program, including security policy, standards, guidelines and procedures. Information protection responsibilities will include data privacy and protection, mobile and endpoint security, threat detection, vulnerability management, application security architecture, identity and access management, cyber resiliency, network security architecture, network access and monitoring policies, employee education, and more.
The CISO also manages the Security Operations Center (SOC).
We’re looking for an intelligent, articulate and persuasive leader who can serve as an effective member of the senior management team and who is able to communicate security-related concepts to executives and a broad range of technical and non-technical staff. Responsibilities are consistent with the senior-most security leader for a financial services company, including:
- Design / improve security practices for existing and new technology capabilities to avoid security vulnerabilities, including older banking systems as well as newer cloud architectures
- Constantly update the cyber security strategy and policy to leverage new technology and threat information
- Manage the roadmap and delivery of security initiatives
- Stays current on technological change to understand the evolving security threat landscape, and ways to mitigate risks
- Ensure compliance with the changing laws and applicable regulations in Banking and Financial Services
- Oversee periodic security audits, penetration tests, chaos monkey, and other exercises to validate controls.
- Ensure that disaster recovery and business continuity plans are in place and tested
- Oversee incident response planning, as well as the investigation of breaches, including impact analysis and recommendations for avoiding similar vulnerabilities
- Present regular executive-level reporting to create awareness of emerging risks and the company’s preparedness
- Hire, manage and train security team, employees, contractors and vendors
- Create awareness training and communicate best practices and risks to all parts of the business
- Bachelor’s Degree in Computer Science, Engineering, or MIS. Master’s Degree preferred
- 10+ years of experience leading teams in information security in a regulated industry, preferably at a high-volume Banking or Financial Services institution, or healthcare
- 10+ years of experience with information security architecture and enterprise technology such as: Firewalls, SIEM, DLP, VPN, DMZ, MFA, WAF, Intrusion Detection/Prevention, Encryption, Anti-virus, Anti-Malware, SOC operations, forensics, identity management, etc.
- CISSP, CISM or similar certification
- Collaborative and action-oriented management style (big plus is the ability to be hands-on)
- Excellent written and verbal communication skills and high level of personal integrity
- Innovative thinking and leadership with an ability to find safe and secure solutions for business needs
- Experience with contract and vendor negotiations and management including managed services
- Experience in modern software development practices, such as Agile, SAFe, etc.
- Experience with older, legacy banking systems as well as cloud / elastic computing across virtualized environments, hybrid/multi-cloud infrastructures, and externally-managed services
- Excellent understanding of security best practices including: ISO 17799/27001/27002, NIST Cybersecurity Framework
Credit One Bank, N.A. is an equal opportunity at will employer and does not discriminate against any employee or applicant for employment because of age, race, religion, color, disability, sex, sexual orientation or national origin.
Credit One Bank does not accept unsolicited resumes from agencies and is not responsible for related fees.
- Pay Type Salary
- 6801 S Cimarron Rd, Las Vegas, NV 89113, USA