SVP, Chief Information Security Officer
Company: Cathay General Bancorp
Location: El Monte
Posted on: January 14, 2026
Job Description:
The Chief Information Security Officer (“CISO”) is an experienced, engaging, and visionary leader responsible for the Bank’s security program, including but not limited to: daily operations of the IT security program; oversight of the annual and ongoing risk assessment process; development, implementation, and maintenance of policies and procedures; ensuring the confidentiality, integrity, and access of electronic protected information; monitoring program compliance; and investigation and tracking of incidents and breaches, in compliance with federal and state laws.

DIRECT REPORTS
The incumbent has direct reports.

ESSENTIAL FUNCTIONS
1. Builds a strategic and comprehensive information security program that defines, develops, maintains and implements policies and processes that enable consistent, effective information security practices which minimize risk and ensure the integrity, confidentiality and availability of information that is owned, controlled, and processed within the Bank. Ensures information security policies, standards, and procedures are up-to-date and consistent with perceived threats to data in all forms.
2. Facilitates risk assessments related to information security and risk management with business units.
3. Initiates, facilitates, and promotes activities to foster information security awareness within the Bank.
4. Creates a culture of cyber security both with IT and by driving behavioral changes for the business.
5. Evaluates security trends, evolving threats, risks and vulnerabilities and applies tools to mitigate risk as necessary.
6. Manages security incidents and events involving electronic protected information.
7. Ensures that the disaster recovery, business continuity, risk management and access control needs of the Bank are addressed.
8. Ensures the Bank complies with the administrative, technical, and physical safeguards.
9. Collaborates with Senior Management to establish governance for the security program.
10. Serves in a leadership role for security compliance.
11. Works closely with Compliance to ensure alignment between security and privacy compliance programs including policies, practices, and investigations, and acts as a liaison to the information systems and compliance departments.
12. Is responsible for initial and periodic information security risk assessment/analysis, mitigation and remediation. Is also responsible for development and implementation of a security risk management plan.
13. Ensures the Bank has audit controls to monitor activity on electronic systems that contain protected information.
14. Oversees periodic monitoring and reviewing of audit records to ensure that activity is appropriate. Such activity would include, but is not limited to, logons and logoffs, file accesses, updates, edits, and printing.
15. Ensures the Bank has and maintains an appropriate system use and disclosure/confidentiality statement.
16. Oversees, develops and/or delivers initial and ongoing security training to the workforce. Initiates, facilitates, and promotes activities to foster information security awareness within the Bank and related entities.
17. Establishes and administers a process for investigating and acting on security incidents which may result in a privacy breach.
18. Maintains current knowledge of applicable federal and state security laws, licensing, and certification requirements and accreditation standards.
19. Serves as information security consultant to all departments for all data security related issues.
20. Assists with overall technology planning.

QUALIFICATIONS
Education:
• Bachelor’s degree in Information Systems, Computer Science, or a related discipline preferred.
• Certified Chief Information Security Officer (CCISO) and Certified Information Systems Security Professional (CISSP) required.
• Information Systems Security Engineering Professional (ISSEP), Certified in Risk and Information Systems Control (CRISC), and/or Certified Information Security Auditor (CISA) a plus.

Experience:
• 10 to 15 years of information system experience, preferably in a U.S. bank of $15 billion or greater in asset size, with network experience.
• Knowledge and experience in state and federal information security laws.

Skills/Ability:
• Demonstrated organization, facilitation, written and oral communication, and presentation skills.
• Demonstrated skills in collaboration, teamwork, and problem-solving to achieve goals.
• Demonstrated skills in verbal communication and listening, writing, and providing excellent service to clients.
• A high level of integrity and trust.
• Proven ability to initiate and manage projects that will affect other departments and functions, as well as the corporate environment.