Chief Information Security Officer (CISO)

The Senior Vice President (SVP), Chief Information Security Officer (CISO), will enable the business to operate securely and within regulatory requirements by controlling information security governance and compliance, developing guidelines and policies, managing information security risks, and overseeing the Information Security Management organization. This role is Bread Financials top expert on security, including security engineering, security operations, cyber intelligence, and data security. Additionally, this role works with information security as a top priority, while growing familiarity with next-generation technologies (e.g., AI). The SVP, CISO should also understand the bank’s in-depth business to both safeguard critical business processes, while enabling the business to grow to meet its strategic objectives.

Job Summary

Essential Job Functions:

• Information Security Risk Management: Define, measure, assess, and systematically prioritize the most complex and highest impact. Identify protection goals, objectives, and metrics based on information security risks. Develop effective strategies to mitigate information security risk.
• Information Security Governance and Compliance: Develop specific information security guidelines and policies to meet operational and regulatory requirements. Enable the business and IT by supporting requirements for transformation and builds. Control the implementation and compliance with bank-wide standards and other regulatory requirements. Serve as contact person for information security related matters, including interfaces to risk, audit, business and IT. Define and conducting trainings and awareness campaigns to educate the workforce. Manage security events and operations. Oversee and lead response to security events based on escalation criteria. Serve as the point of contact and escalation manager for C-suite, the Board, and other key stakeholders on security topics and requirements.
• Domain Expertise: Evaluate and implement industry standard enterprise-wide security technologies and concepts (Application Security, Data Loss Prevention, Security Event Management, GRC Tools, Threat and Access Management, among others), web-related technologies (such as, Web applications, Web Services and Service Oriented Architectures), network-related protocols, and next generation/ modern technology requirements (evolving encryption environment).

Reports To: Executive Vice President, Chief Technology Officer
Direct Reports: 3+ VP level and Senior Director level as well as 50+ indirect reports
Working Conditions/ Physical Requirements:

• Normal office environment.
• A senior leader, must work at a Bread Financial office a minimum of 6 days per month. Ability to travel 6 days a month if not located near a Bread Financial office or client site.
  

Minimum Qualifications:

• Bachelor's degree in computer science or information systems; or equivalent experience
• 15+ years of engaging with and reporting to Boards, executive management, and external parties (e.g., clients, regulators, external auditors, bankers, outside counsel)
• Experience building and leading Information Security and Privacy programs

Preferred Experience:

• Master’s degree in business administration, cyber security, or information assurance
• Experience working in a financial services company and/or large multi-national company
• Experience planning and implementing compliance with privacy regulations (i.e., GLBA, CCPA).
• Experience overseeing digital transformations, including the investment, implementation, and operationalization of next-generation security solutions
• Experience working with and leveraging offshore partners and resources

Knowledge, Skills, and Abilities:

• Security operations, including incident response, crisis management, threat intelligence, and overall tracking of incidents/crisis across an organization with deep knowledge of how to support leadership requirements while providing lessons learned based on their experience responding to large, public data breaches
• Knowledge of relevant security laws, experience navigating the law enforcement community, and relationships with key government stakeholders
• Eye for designing the secure deployment and monitoring of applications and infrastructure into public cloud services (like AW S or Microsoft Azure)
• Agile/Digital
• Understand relationship with Product Owner, Scrum Master, Design Lead, and the rest of technical team
• Managing technical priorities and dependencies
• Knowledge of industry specific banking regulations (FDIC), SEC requirements, data privacy regulations (e.g., GLBA and CCPA), and industry standards (e.g., NIST CSF, CRI, NIST 800-53, PCI DSS)
• Knowledge running regulatory remediation programs as the primary CISO interface with the Regulators
• Effective and persuasive communicator, liaising with a bank leadership and Board members, shaping their agendas around security and effectively communicating both technical and non-technical concepts, regulatory requirements, and risk profile
• Strong ability to shape business and technology needs
• Ability to create broad vision for Information Security function and execute on vision, including attracting talent for today and tomorrow’s requirements
• Inspirational leader who believes in a non-hierarchical culture of collaboration, transparency, and trust across the team
• Collaborative leadership style, which inspires senior and junior colleagues to act with urgency and successfully hone their craft in team settings

This job description is illustrative of the types of duties typically performed by this job. It is not intended to be an exhaustive listing of each and every essential function of the job. Because job content may change from time to time, the Company reserves the right to add and/or delete essential functions from this job at any time.

Typical Starting Range:
$320,200.00 - $754,700.00

Full Salary Range for position:
California: $368,200.00 - $943,400.00
Colorado: $320,200.00 - $792,500.00
New York: $352,200.00 - $943,400.00
Washington: $336,200.00 - $868,000.00

The actual base pay within this range may be dependent upon many factors, which may include, but are not limited to, work location, education, experience, and skills.

Click the Link Below to Apply!
https://alliancedata.wd5.myworkdayjobs.com/en-US/breadfinancial_US/details/Chief-Information-Security-Officer--CISO-_R1009599

Bread Financial offers medical, prescription drug, dental, vision, and other voluntary benefits (including basic and optional life insurance, supplemental medical plans, and short and long-term disability) to eligible associates (regular full-time associates scheduled to work 30 hours per week or more) and their spouses/domestic partners, and child(ren) under the age of 26. New associate elected coverage begins on date of hire (with the exception of disability coverage which has a 6-month waiting period). Six weeks of 100% paid parental leave for eligible parents is available after a 180-day waiting period. Hired associates can immediately enroll in Bread Financial’s 401(k) plan.

All associates receive 11 paid holidays. Associates have discretion in managing their time away from work through the Flexible Time Off (FTO) program and may need to notify and receive approval from their manager prior to taking the time off. Associates (except those located in Illinois) receive 80 hours of Paid Sick and Safe Time (“PSST”) upon hire and at the beginning of each subsequent calendar year. Illinois associates receive 40 hours of Illinois PSST upon hire and at the beginning of each subsequent calendar year and 40 hours of Illinois Paid Leave upon hire and at the beginning of each subsequent calendar year. Illinois Paid Leave must be used before associates in Illinois will be approved to take FTO.

Hired associates will be able to elect the purchase company stock during offering periods in June and December. You will be eligible for an annual incentive bonus based on individual and company performance.

Click here for more Benefits information.

About Bread Financial

• Bread Financial offers competitive pay, a comprehensive selection of benefit options including 401(k).
• The Company is an Equal Opportunity Employer.
• Any applicant offered employment will be required to establish that they are legally authorized to work in the United States for the Company.
• The Company participates in E-Verify.
• The Company will consider for employment all qualified applicants, including those with a criminal history, in a manner consistent with the requirements of all applicable federal, state, and local laws, including the Los Angeles Fair Chance Initiative for Hiring Ordinance, the San Francisco Fair Chance Ordinance, and the New York City Fair Chance Act. Applicants with criminal histories are encouraged to apply.
• The Company complies with the Americans with Disabilities Act (ADA), as amended, and all applicable state/local laws. The Company will provide accommodations to applicants needing accommodations to complete the application process. Applicants with disabilities may contact the Company to request and arrange for accommodations. If you need assistance to accommodate a disability, you may request an accommodation at any time. Please contact the Recruiting Team at TaOps@breadfinancial.com.