Lead second-line technology and information security risk oversight for a de novo national bank, establishing the 2LOD technology risk framework and providing independent oversight of IT, cybersecurity, and cloud infrastructure.
172k – 238k/yr
Remote8+ YOESecurity Engineering
About the role
How you’ll make an impact
Provide independent second-line review and credible challenge of first-line technology and information security activities, including cybersecurity controls, software development lifecycle (SDLC) and incident response programs, technology resiliency, and third-party arrangements
Oversee completion of the FFIEC Cybersecurity Assessment Tool (CAT) or equivalent framework; conduct technology and security risk assessments; and provide independent oversight of technology and security risks in alignment with OCC guidance on cloud computing
Serve as a primary second-line point of contact for OCC examiners, internal audit, and other external stakeholders on technology risk and information security program topics and inquiries; prepare and deliver technology risk reporting to risk committees, the CRO, and the board
Build and lead a growing Technology Risk team, shaping how the bank identifies, prioritizes, and responds to its most important technology and security risks in alignment with applicable industry regulations
Partner with first-line IT and cybersecurity teams, TPRM, ERM, Legal, and Compliance to ensure technology and information security risk is integrated into enterprise risk programs, cross-functional risk assessments, and the bank's overall 2LOD reporting and governance structure
Minimum Qualifications
Bachelor's degree or equivalent practical experience in information technology, cybersecurity, or a related field
8+ years of experience in technology risk, information security risk management, IT audit, or GRC in a banking or financial services environment
3+ years of direct people management experience leading technology risk, information security governance, risk, and compliance, or information technology audit professionals
Demonstrated experience applying FFIEC IT Examination Handbook standards and OCC guidance on technology risk and information security in a bank or federally regulated institution
Experience engaging banking regulators (OCC, FDIC, or Federal Reserve) on technology risk, cybersecurity, or IT controls examination matters
Preferred Qualifications
Experience building or significantly enhancing a technology risk or information security GRC program in a de novo bank, early-stage bank, or similar environment where the program required meaningful design and build-out
Knowledge of cloud risk management and OCC/FFIEC guidance on cloud computing (OCC Bulletin 2020-46), particularly in cloud-native or fintech-adjacent technology environments
Familiarity with affiliate technology risk oversight, including independent oversight of bank-affiliate technology service arrangements, associated data segregation requirements, and Regulation W implications
Experience with GRC tool implementation or administration in a bank regulatory context
Current professional certification in information security or technology risk management (CISSP, CISA, CRISC, CISM, or comparable)
Knowledge of AI/ML technology risk and related governance considerations in a fintech, lending, or model-intensive operating environment
Compensation & Benefits
Competitive compensation, including base pay, bonus opportunities, and annual equity grants that vest quarterly
Retirement benefits including a 401(k) or Group Retirement Savings Plan with a company match of $2 for every $1 contributed
Architect endpoint security posture for macOS, Windows, and mobile fleets at Ramp. Build MDM policies as code with Terraform/GitOps, automate patching and software distribution, mine telemetry for detections, and shape security for an agentic AI future. Requires deep macOS/MDM experience and strong IaC skills.
172k – 236k/yr
Hybrid5+ YOESecurity Engineering
Senior Security Architect, Applied Field Engineering (AFE)
SnowflakeMenlo Park, CA +2
Drives strategic customer engagements to architect secure AI and data platforms on Snowflake, transitioning from legacy security to unified architectures with AI governance, IAM, and compliance. Requires 5+ years in security, data, or AI engineering with strong customer-facing skills.
172k – 226k/yr
On-site5+ YOESecurity Engineering
Senior Security Architect, Applied Field Engineering (AFE)
SnowflakeNew York, NY +1
Drives strategic customer engagements to architect secure data platforms on Snowflake, focusing on AI security, identity management, and modern SecOps. Partners with sales and engineering to transition customers to unified security architectures with 5+ years experience in security or data engineering.
172k – 226k/yr
Hybrid5+ YOESecurity Engineering
GRC Automation & Assurance Lead
RoktNew York, NY
Lead GRC audit, assurance, and compliance programs while architecting and shipping AI agents to automate evidence collection, control testing, questionnaires, and audit prep for ISO 27001 and SOC 2.
174k – 215k/yr
On-site4+ YOESecurity Engineering
Sr. Threat Researcher
IllumioSunnyvale, CA
Senior Threat Researcher analyzes large-scale security datasets to identify attacker TTPs, maps threats to MITRE ATT&CK, and collaborates with product teams to enhance detection, risk insights, and segmentation strategies at a cybersecurity firm. Requires 5+ years in threat research or related fields.