What are the responsibilities and job description for the Director Information Security position at Bridgewater Bank?
We are seeking a focused and diligent Director Information Security, Risk & Compliance to own Bridgewater Bank’s technology risk and controls program and ensure audit readiness across the technology environment. This role leads NIST CSF-aligned security risk management and the end-to-end technology audit/exam support program for Internal Audit and regulators. Partnering with the Information Security Officer, Internal Audit, Compliance/ERM, and technology and business leaders, the position maintains the controls framework, coordinates control testing, and drives timely remediation and closure of audit and examination issues.
RESPONSIBILITIES:
- Partner with IT and the Information Security Officer to implement and continuously improve security strategy, controls, monitoring, vulnerability management, and reporting.
- Lead threat intelligence, including recurring review of internal/external intelligence and proactive risk mitigation.
- Own the NIST CSF-aligned technology controls program (framework/library, evidence standards, and design/operating effectiveness testing) and drive remediation of gaps.
- Own end-to-end audit/exam and SOX technology support, including planning/walkthroughs, evidence quality review, and timely responses; manage workflow/evidence in AuditBoard (or equivalent).
- Manage findings through closure (audits, exams, control testing, pen tests, and vulnerabilities): risk rating, action plans, milestone tracking, validation, and closure evidence.
- Assess third-party technology/service risk and partner with leaders to implement appropriate security controls.
- Provide security engineering guidance across identity/access, data protection, monitoring/response, and cloud/network/endpoint security (including Microsoft security capabilities).
- Maintain governance documentation and audit-ready artifacts (policies, standards, procedures, control narratives, and evidence requirements).
- Drive security tool and process enhancements; coordinate vendors; and develop training/materials for technology staff and employees.
- Deliver concise risk, controls, and audit status reporting to executive and governance stakeholders; escalate emerging risks with recommendations.
QUALIFICATIONS:
- Bachelor’s degree in Computer Science/MIS (or equivalent experience).
- 5 years’ experience in information security governance/technology risk, controls, audit/compliance, or related roles (regulated environment preferred).
- End-to-end audit readiness/response and exam support experience, including managing evidence, deliverables, and stakeholders (Internal Audit/regulators).
- NIST CSF-aligned controls and testing expertise (controls inventory/library, mapping, evidence standards, and design/operating effectiveness testing), including SOX/ITGC exposure as applicable.
- Proven issue management through remediation and closure for audit/exam and security testing findings (action plans, validation, and closure evidence).
- GRC/audit management tooling experience (AuditBoard preferred).
- Experience supporting penetration testing and vulnerability remediation governance (prioritization, communication, retesting, and closure).
- Technical experience with Microsoft security/identity platforms (M365 security, Entra ID/Azure AD, Intune) plus Active Directory and Group Policy.
- Strong written and verbal communication skills; able to brief technical teams and executives and produce audit-ready documentation.
- Industry certification (e.g., CISSP, CASP+, GSEC) or equivalent.
ABOUT BRIDGEWATER BANK:
Picture yourself at one of the Twin Cities’ best places to work, surrounded by people who challenge you, support you, and inspire you to be your best. Welcome to Bridgewater Bank.
We are on a mission to be the finest entrepreneurial bank in the Twin Cities. Like true entrepreneurs, we run fast and lean. We are in constant evolution and the runway for personal and professional growth is long. People are our strength, and that’s why we’ve created and sustained an award-winning culture that promotes growth and celebrates the big and little wins along the way.
At the end of the day, we believe competitive salaries, top-tier benefits, a hybrid work model, and transparency into the business are a given. Working together toward something meaningful with people you enjoy is just a bonus!
COMPENSATION & BENEFITS:
The typical annual base pay range for this role is between $120,000 – $140,000. Compensation may vary based on individual job-related knowledge, skills, expertise, and experience. This position is eligible for a discretionary annual incentive program driven by organization and individual performance.
Bridgewater Bank provides a broad offering of competitive benefits including (but not limited to):
- Healthcare (medical, dental, vision)
- Basic term and optional term life insurance
- Short-term and long-term disability
- Parental leave
- 401(k) with employer match
- Paid vacation & paid holidays
PLEASE NOTE:
The above is intended to describe the general content of and requirements for this position. It is not to be construed as an exhaustive list of duties, responsibilities, or requirements. It is Bridgewater Bank’s policy to promote equal employment opportunities. All personnel decisions, including, but not limited to, recruiting, hiring, training, promotion, compensation, benefits, and termination, are made without regard to race, creed, color, religion, national origin, sex, age, marital status, sexual orientation, gender identity, citizenship status, veteran status, disability, or any other characteristic protected by applicable federal, state, or local law.
STATUS: Exempt
Salary: $120,000 - $140,000