Director of Information Security

At New Horizon, we’re building a bank that runs on grit, speed, and execution. We move fast, challenge assumptions, and obsess over doing things better — for our clients and for each other. This isn’t a place for red tape; it’s a place for builders. From product design to client experience to operations, we’re constantly pushing for sharper thinking and smarter solutions. Our team is made up of passionate individuals who share a relentless drive to enhance our services and deliver exceptional experiences. If you’re energized by momentum, motivated by results, and excited to shape the future of banking, you’ll feel right at home here.

General Job Summary: New Horizon Bank is seeking a strategic, hands-on Director of Information Security to lead and mature the bank’s enterprise cybersecurity, information security, and technology risk management programs. This role is responsible for protecting the bank’s systems, customer data, digital banking platforms, and operational infrastructure while ensuring compliance with all applicable banking regulations and industry standards.

The ideal candidate is both a technical leader and business partner who can align security initiatives with organizational growth objectives. As New Horizon Bank continues to expand and scale, this role is designed with a clear growth path into a future Chief Information Officer (CIO) leadership position.

Requirements

• Develop, implement, and maintain the bank’s enterprise information security strategy, roadmap, policies, and standards.
• Lead all cybersecurity operations, including threat monitoring, incident response, vulnerability management, endpoint protection, and access controls.
• Establish and maintain a robust security governance framework aligned with FFIEC, FDIC, GLBA, NIST, and other applicable regulatory requirements.
• Oversee security awareness and training programs for employees and leadership.
• Conduct regular risk assessments, penetration testing, business continuity planning, and disaster recovery exercises.
• Manage third-party/vendor security reviews and ongoing technology risk assessments.

Compliance & Risk Management

• Partner with Compliance, Internal Audit, and Risk Management teams to support examinations and audits.
• Ensure adherence to regulatory requirements and cybersecurity best practices across all banking operations.
• Develop metrics, reporting, and dashboards for executive leadership and the Board of Directors.
• Maintain incident response procedures and coordinate investigations and remediation activities when security events occur.

Technology & Infrastructure Collaboration

• Collaborate with information technology department to secure cloud environments, digital banking platforms, network infrastructure, and core banking systems.
• Provide guidance on secure architecture, data protection, identity management, and technology procurement.
• Evaluate emerging cybersecurity technologies and trends to enhance organizational resilience.

Leadership & Strategic Growth

• Build and mentor a high-performing information security function as the organization grows.
• Serve as a trusted advisor to executive leadership on cybersecurity strategy, operational risk, and technology investments.
• Contribute to long-term technology planning and digital transformation initiatives.
• Demonstrate readiness and capability for future advancement into broader enterprise technology leadership, including a potential CIO role.

Required Knowledge, Skills, and Abilities

• Strong understanding of FFIEC guidance, GLBA, NIST Cybersecurity Framework, and financial institution regulatory expectations.
• Experience leading security programs in a regulated environment.
• Knowledge of network security, cloud security, endpoint protection, IAM, SIEM platforms, and incident response methodologies.
• Excellent leadership, communication, and executive presentation skills.

Education and Experience:

• Bachelor’s degree in Information Security, Computer Science, Information Technology, or related field required; Master’s degree preferred.
• 8 years of progressive experience in cybersecurity, information security, or IT risk management, preferably within banking or financial services

Preferred Certifications

• CISSP (Certified Information Systems Security Professional)
• CISM (Certified Information Security Manager)