VP, Information Security Architect

GENERAL SUMMARY

This position is responsible for designing, architecting, and supporting the administration and management of the Bank’s Information Security infrastructure and protecting its data and assets in accordance with established Information Security and Bank policies, published regulations and industry best practices.

Responsibilities include performing risk assessments of the bank’s network, applications, and endpoint activity, propose adjustments to network topology and implementation of security controls or tools to mitigate cyber risk, ensuring that the Bank’s network and data are secure in accordance with Bank, IT, and IS Policies.

ESSENTIAL FUNCTIONS

Core areas of responsibility include :

• Drive the architecture, design, implementation, and define operational directives on multiple security projects in the strategic plan.
• Participate in Business and Information Technology projects to recommend security controls and solutions applicable. Provide guidance and recommendations for a secure security infrastructure.

Proactively develop and enforce security plans and standards.

• Gather and analyze performance and compliance data / metrics relating to the Bank’s information security and information risk management standards.
• Manage trade-offs and determine cost-benefits between new tools to be implemented to the current security stack, and improve existing tools by reconfiguring, repurposing, or training.

Identify and evaluate opportunities for process improvement.

• Stay updated with emerging security technologies and propose integration to the security architecture as needed. Maintain strong technical security skills that follow the current market trends to work on both cloud and on-prem based solutions.
• Serve as Subject Matter Expert (SME) across technical information security domains. Incorporate security industry best practices to security architecture design and implementation.
• Identify and assess vulnerabilities and risks to enterprise applications infrastructure and data. Develop and implement technical solutions to counter vulnerabilities and risks.
• Conduct research to identify attack vectors against the organization and develop solutions for emerging threats. Track current and emerging security threats, design and implement security solutions to mitigate them.

Evaluate the potential exposure to security risks / threats and recommend appropriate mitigation.

• Ensure alignment between security architecture with framework, standards and overall business strategy and regulatory requirements such as NIST CSF, NIST 800-53 and CIS, or similar.
• Lead the application security program by identifying key risk factors in internal and vendor provided applications.
• Provide guidance to team members and business units by advising on security and configuration best practices, defense-in-depth and SDLC.
• Review, establish and maintain the API security program.
• Build and review threat models.
• Propose scope, design, and supervise the execution of the penetration test program to reach defined objectives.
• Review and propose improvements to email, endpoint and network security.
• Participate in establishing, planning, and administering overall program and goals for the system security requirements and baseline configurations.
• May perform security assessments of internal and external systems based on industry standards.
• Participate in efforts to remediate audit and regulatory findings and recommendations related to Information Security.
• Develop architectural solutions to meet compliance requirements, including but not limited to : Sarbanes-Oxley, Payment card industry standards, and state and federal regulations.

REQUIRED QUALIFICATIONS

Education : College degree in Information Technology or Information Security or equivalent

Certification : Requires one or more of the following certifications CISSP, CISM, CRISC, CISA, Security+, EnCE, CEH, OSCP, GIAC.

Splunk and Microsoft certifications preferred.

Experience :

• 7+ years experience in Information Security Operations or Information Security Risk Management, preferably in the financial services industry.
• 5+ years experience in a Security Engineering or Security Architecture role with proficiency knowledge on SIEM, EDR / XDR, NAC, IDS / IPS, WAF, IAM, FW, AD, EntraID and AVs.
• Proven experience in securing and implementing policies for Cloud Technologies (M365, Azure, AWS) and the Microsoft (E5) technology stack including Microsoft Defender.
• Proven experience in Application Security and assessing Third-party application security concepts.
• Strong understanding of networking, communication and secure email protocols (TCP / IP, UDP, SSL / TLS, IPSEC, SPF, DKIM, DMARC, DNSSEC, etc)
• Experience performing and assessing the effectiveness of vulnerability management programs and performing security assessments of internal and external systems based on industry standards.
• Experience with Secure Development Life Cycle (SDLC) practices and application security testing, including implementation and use of static and dynamic application security testing platforms preferred.
• Governance or oversight of a third-party risk management program experience preferred.
• Experience defining and improving of an Enterprise data loss prevention program by identifying and proposing controls on data loss channels and Insider Threat Management toolsets preferred.
• Experience configuring and managing a Security Information and Event Management (SIEM) platform preferred.

Skills / Ability :

• Proven ability to initiate and manage projects.
• Self-starter, highly motivated, and able to work with general supervision.
• Strong documentation skills including presentations to technical audiences and to business-driven departments.
• Strong interpersonal communication and collaboration skills.
• Must be available to respond to emergencies in support of incident investigation performed by the Security Operations team, or for troubleshooting of security tools.
• Combination of strong troubleshooting, technical and communication skills.
• Able to train and coach other members of the Security Architecture and Engineering team.

OTHER DETAILS

$140K $160K / year

Pay determined based on job-related knowledge, skills, experience, and location.

Cathay Bank offers its full-time employees a competitive benefits package which is a significant part of their total compensation.

It is our goal to provide employees with a comprehensive benefits package to fit their needs which includes, coverage for medical insurance, dental insurance, vision insurance, life insurance, long-term disability insurance, and flexible spending accounts (FSAs), health saving account (HSA) with company contributions, voluntary coverages, and 401(k).

Cathay Bank may collect personal information from potential job candidates and applicants. For more information on how we handle personal information and your applicable rights, please review our Privacy Policy.

Cathay Bank is an Equal Opportunity and Affirmative Action Employer. We believe in diversity, equity, and inclusion in the workplace.

We welcome applications for employment from all qualified candidates, regardless of race, color, ethnicity, ancestry, citizenship, gender, national origin, religion, age, sex (including pregnancy and related medical conditions, childbirth and breastfeeding), reproductive health decision-making, sexual orientation, gender identity and expression, genetic information or characteristics, disability or medical condition, military status or status as a protected veteran, or any other status protected by applicable law.

Click here to view the EEO is the Law poster in English. Poster- English

Click here to view the EEO is the Law supplement in English.Supplement- English

Clic aquí para ver la EEO es la Ley póster en español. Poster- Spanish

Clic aquí para ver la EEO es la Ley suplemento en español.Supplement- Spanish

点击这里查看EEO是法律海报的中文Poster- Chinese

点击这里查看EEO是法律和补充條例的中文"Supplement- Chinese