City National Bank of Florida

Chief Information Security Officer

full-time

Location Type: Hybrid

Location: United States

About the role

  • Define and execute a risk-based information security strategy aligned with the Bank’s business objectives, digital initiatives, and regulatory requirements.
  • Establish and maintain the Bank’s Information Security Program, including policies, standards, procedures, and governance frameworks.
  • Partner closely with the Chief Operating Officer and Enterprise Risk Management to integrate cybersecurity risk management into core operational processes and the Bank’s overall risk management framework.
  • Provide independent challenge and credible oversight of technology and business initiatives from a cybersecurity risk perspective.
  • Serve as the primary executive responsible for communicating cybersecurity risks, trends, and overall security posture to senior management, the Enterprise Risk Committee, and the Board of Directors.
  • Maintain direct and unrestricted access to the Board of Directors and its committees on cybersecurity and information security risk matters.
  • Develop and present clear, actionable cyber risk metrics, key risk indicators (KRIs), and maturity assessments to support informed decision-making.
  • Advise executive leadership on material cybersecurity risks, risk trade-offs, and mitigation strategies.
  • Ensure compliance with GLBA, applicable privacy and cybersecurity regulations, and regulatory guidance.
  • Own and manage the enterprise-wide GLBA Risk Assessment and other cybersecurity risk assessments.
  • Act as the primary point of contact for regulators, internal audit, and external auditors on information security matters.
  • Maintain executive oversight of the Bank’s cybersecurity incident response and crisis management framework.
  • Hold authority to escalate, contain, suspend, or recommend cessation of systems, vendors, or business processes during cybersecurity incidents where material risk to the Bank exists.
  • Lead or direct response efforts for significant security incidents, including investigation and coordination with Legal, Compliance, ERM, Operations, and external parties as required.
  • Provide governance and oversight for security architecture across on-premises, cloud, SaaS, and hybrid environments.
  • Establish data classification, protection, and encryption standards to safeguard sensitive, confidential, and customer information.
  • Oversee identity and access management governance, including privileged access controls and authentication standards.
  • Own the Bank’s third-party and vendor cybersecurity risk management framework in coordination with Third Party Risk Management, Operations, and Procurement.
  • Ensure cybersecurity risk is assessed, monitored, and managed throughout the vendor lifecycle.
  • Establish and maintain a comprehensive security awareness and education program that promotes a strong, enterprise-wide, risk-aware culture.
  • Lead, develop, and retain a high-performing information security organization.

Requirements

  • Minimum 10 years of working experience with information security, audit, compliance and/or related knowledge, preferably in banking or a highly regulated industry.
  • CISO designation and associated certifications (e.g., CISSP, CISM, CISA) at a prior financial institution of similar scope and scale.
  • 10+ years of managerial experience in information security.
  • Proven experience in disaster recovery planning, risk assessment, and policy writing.
  • Enterprise-level experience, including managing and successfully delivering cross-functional initiatives.
  • Experience in leading projects and multi-tasking with diverse groups and locations.
  • Advanced knowledge of applicable US laws and regulations as they relate to Information Security and the effective management of Information Security Risks.
  • Ability to understand new laws and regulatory requirements and how they relate to security and compliance and present the overall risk to the Bank.
  • Demonstrable experience in implementing strategic plans and managing an information security program.
  • Exceptional and proven leadership capabilities – communication, influence & negotiation, conflict resolution, people management, relationship management (internal/external), and team building.
  • Proven ability to successfully partner with internal clients and vendors to align strategy with deliverables, identify business challenges and develop alternatives to mitigate.
  • Strong service management and service delivery orientation.
  • Excellent written, oral, and interpersonal communication skills.
  • Ability to present ideas at appropriate levels for different audiences.
  • Proven ability to work within a changing environment and lead the implementation of change.
  • Ability to apply change management principles to initiatives of variable sizes and degrees of complexity.
  • Ability to assess the impact or potential impact of change management initiatives of various sizes and degrees of complexity on business financials and performance.
  • Advanced level of creativity, strategic thinking, and problem management skills.
  • Ability to conduct and direct research into information security issues.
  • Self-motivated, self-directed, attentive to detail, and able to multi-task.
  • Ability to effectively prioritize and execute tasks in a high-pressure environment.

Benefits

  • Competitive salary
  • Flexible working hours
  • Professional development budget
  • Home office setup allowance
  • Global team events

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
information security, risk assessment, disaster recovery planning, policy writing, cybersecurity incident response, identity and access management, data classification, encryption standards, cyber risk metrics, security architecture
Soft Skills
leadership, communication, influence, negotiation, conflict resolution, people management, relationship management, team building, strategic thinking, problem management
Certifications
CISO, CISSP, CISM, CISA