Banc of California · 1 day ago
SVP, Security Risk and Assurance
Banc of California is a bank holding company headquartered in Los Angeles, focused on providing banking and treasury management services to various businesses. The SVP of Security Risk and Assurance is responsible for overseeing all aspects of information security programs, risk assessments, and compliance, while advising senior management on security posture and resource management.
Banking · Finance · Financial Services
Responsibilities
Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support information security goals and objectives to reduce overall organizational risk. Forecast ongoing service demands and ensure that security assumptions are reviewed as necessary. Advise senior management on cost/benefit analysis of information security programs, policies, processes, systems, and elements
Provide continuous monitoring of security landscape so that possible security threats are identified and actioned appropriately. Supervise or manage the governance, risk and compliance function for protective, preventative or corrective measures when a cybersecurity incident or vulnerability is discovered
Collect and maintain data needed to meet system cybersecurity reporting. Advise senior management on risk levels and security posture. Advise appropriate senior leadership of changes affecting the organization's cybersecurity posture
Establish enterprise information security architecture (EISA) with the organization’s overall security strategy. Ensure that protection and detection capabilities are acquired or developed using the IS security engineering approach and are consistent with organization-level cybersecurity architecture. Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed
Monitor and evaluate the effectiveness of the enterprise's cybersecurity safeguards to ensure that they provide the intended level of protection. Manage threat or target analysis of cyber defense information and production of threat information within the enterprise
Define and/or implement policies and procedures to ensure protection of critical infrastructure as appropriate. Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance
Work closely with client executives and management teams to understand their businesses and assist in identifying and managing financial and operational risks within their business systems to ensure technology risks are managed. Collaborate with stakeholders to establish the enterprise continuity of operations program, strategy, and mission assurance. Ensure that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s). Participate in the development or modification of the computer environment cybersecurity program plans and requirements
Review business processes and controls against industry frameworks, identifying gaps in design and execution, and communicating issues and recommendations to business clients. Oversee the development of business continuity programs and the execution of internal control assessments in the areas of:
IT strategy and governance
IT operations, business continuity and disaster recovery
Cybersecurity
Third party risk
ITGC and application controls
SOC reporting
Regulatory and compliance requirements
Oversee information security risk assessments and track self-identified and Internal Audit findings to ensure that appropriate mitigation actions are taken. Ensure that cybersecurity inspections, tests, and reviews are coordinated for the network environment. Ensure that security improvement actions are evaluated, validated, and implemented as required. Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc
Treat people with respect; keep commitments; inspire the trust of others; work ethically and with integrity; uphold organizational values; accept responsibility for own actions
Demonstrates knowledge of and adherence to EEO policy; shows respect and sensitivity for cultural differences; promotes working environment free of harassment of any type
Follows policies and procedures; completes tasks correctly and on time; supports the company’s goals and values
Performs the position safely, without endangering the health or safety of themselves or others, and will be expected to report potentially unsafe conditions. The employee shall comply with occupational safety and health standards and all rules, regulations and orders issued pursuant to the OSHA Act of 1970, which are applicable to one’s own actions and conduct
Performs other duties and projects as assigned
Qualification
Required
8 - 12 year(s) experience with IT audit or cybersecurity
3+ year(s) experience with business continuity, disaster recovery
Bachelor's degree in Computer Science, Information Systems, Cyber Security, or other quantitative fields
CISA or CISSP Certification required
Laws, regulations, policies, and ethics as they relate to cybersecurity and privacy
Cybersecurity and privacy principles
Information security program management and project management principles and techniques
Risk management frameworks (RMF) and supporting processes
Industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities
Computer networking concepts and protocols, and network security methodologies
Host/network access control mechanisms (e.g., access control list, capabilities lists)
Intrusion detection methodologies and techniques for host and network-based intrusions
Cybersecurity and privacy principles related to the use, processing, storage, and transmission of information or data
System and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code)
Incident response and handling methodologies
Cyber threats and vulnerability information dissemination sources (e.g., alerts, advisories, bulletins)
Preferred
Prior banking and/or financial services background a plus
Benefits
You will be eligible to participate in a 401k plan in which the Bank will match 100% of the first 4% of your contributions, which is immediately vested.
We offer comprehensive insurance options including medical, dental, vision, AD&D, supplemental life, long-term disability, pre-tax Health Savings Account with employer contributions, and pre-tax Flexible Spending Account (FSA).
Banc of California partners with providers that offer adoption, surrogacy, and fertility assistance as well as paid parental leave and family support solutions including care options for your family.
Eligible team members receive paid vacation days, holidays, and volunteer time off.
To support career growth of our team members, we offer tuition reimbursement, an annual mentorship program, leadership development resources, access to LinkedIn Learning, and more.
Company
Banc of California
Banc of California provides full-service banking and home lending to individuals and their businesses and families.
H1B Sponsorship
Banc of California has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. The figures below are provided for reference. (Data powered by US Department of Labor)
Trends of Total Sponsorships
2025 (5)
2024 (1)
2023 (1)
Funding
Current Stage: Public Company
Total Funding: $20M
Key Investors: Patriot Financial Partners
2013-12-05 · Post IPO Equity · $20M
2002-08-23 · IPO
Company data provided by crunchbase