Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Deputy Chief Information Security Officer - Bank

$269.7k - $353.95k

Mercury

Deputy Chief Information Security Officer - Bank

San Francisco, CA, New York, NY, Portland, OR, or Remote within United States

The Role:

You will be the operating second to the CISO and own the bank-entity scope of Mercury's 2LOD Information Security program. You'll be the person who keeps the program examiner-ready by default: coherent policy architecture, evidenced controls, a credible gap-remediation track record, and a tested incident response program with documented exercise history.

This is not a research or strategy role. It is a build-and-defend role. You will sit across the table from OCC examiners, FFIEC IT audit teams, our Chief Risk Officer, and the board's risk committee, and you will be expected to answer for every line in our policies and every status in our control inventory.

*Mercury is a fintech company, not an FDIC-insured bank. Banking services provided through Choice Financial Group and Column N.A., Members FDIC

What You'll Own:

  • Bank-entity 2LOD InfoSec program. Governance, policy, risk, and oversight scoped to the chartered bank.
  • Examiner posture. OCC, FFIEC, FDIC and FRB examiner inquiries; ownership of the examiner-ready narrative; coordination of the evidence.
  • FFIEC control remediation. Lead remediation of identified FFIEC IT control deficiencies to charter readiness ahead of the OCC pre-opening examination
  • Policy architecture. Carry the bank-scoped policy stack (Policy / Standard / Procedure), including ratification cycles, MRCC memos, and board approvals.
  • BC/DR. Partner with the Chief Risk Officer on bank continuity, resilience, and recovery, including tabletop exercises and full-scale drills.
  • Audit and assurance. Manage relationships with internal audit (3LOD) and external assessors (SOC 2, FFIEC CAT, regulator-led IT examinations).
  • Third-party risk. Ensure TPRM evidence holds up to bank-grade scrutiny for critical service providers and material outsourcing arrangements.
  • Team development. Coach and grow the GRC sub-team; run a recurring training cadence; build the bench depth a national bank requires.

What We Need:

  • 8+ years in Information Security , with 3+ years inside a regulated bank, trust bank, or de novo bank charter effort. Mercury is a startup chartering a national bank — this experience is non-negotiable.
  • Deep FFIEC and OCC fluency. You have deep working knowledge of the FFIEC CAT, the FFIEC IT Examination Handbook, BSA/AML IT supervisory expectations, and the OCC Heightened Standards.
  • Direct examiner-facing experience. You have defended a control to an OCC, FDIC, or Federal Reserve examiner. You know what good evidence looks like before it gets challenged.
  • Policy and standards craft. You can draft a board-ratifiable policy and the supporting standards stack that operationalizes intent, not just satisfies a checklist.
  • Operating discipline. You run cadences, write status that survives executive review, and maintain currency of controls, evidence, and risk registers.
  • 2LOD instinct. You understand the three-lines-of-defense model and have served in the oversight role.

What We'd Love:

  • Prior Deputy CISO or equivalent senior 2LOD role at a national bank, trust bank, or large credit union.
  • Charter or de novo bank experience — if you've stood one up before, that is a meaningful advantage here.
  • Strong technical baseline, you don't need to be an engineer, but you should be able to challenge an architecture review and read an incident timeline credibly.
  • CISSP, CISM, or CRISC

What Success Looks Like:

  • At 30 days - You have developed working knowledge of Mercury's FFIEC IT control inventory and roadmap, every in-flight policy draft, and met one-on-one with the GRC team. You can speak to the top ten risks in the bank-entity program by name.
  • At 90 days - You are running the weekly bank charter status cadence, leading examiner-readiness reviews, and personally accountable for at least three priority program tracks. The CISO is briefing the board and the MRCC with material you authored.
  • At one year - The charter timeline is on track. The bank-entity Information Security program sustains supervisory-grade standards as a standing posture. You are the executive other functions consult to determine whether a security risk is material.

Why This Role:

We are building a security program designed to protect Mercury and enable the business. Chartering a national bank does not change that philosophy. It does mean we need a Deputy who can hold the bar to OCC standards without losing the operating tempo that has defined Mercury since inception.

If you've been waiting for a chance to build the bank-side security program you wish you'd inherited, this is it.

Compensation:

The total rewards package at Mercury includes base salary, equity (stock options), and benefits.

Our salary and equity ranges are highly competitive within the SaaS and fintech industry and are updated regularly using the most reliable compensation survey data for our industry. New hire offers are made based on a candidate's experience, expertise, geographic location, and internal pay equity relative to peers.

Our target new hire base salary ranges for this role are the following:

  • US employees in New York City, Los Angeles, Seattle, or the San Francisco Bay Area: $269,700 - 353,950
  • US employees outside of the New York City, Los Angeles, Seattle or the San Francisco Bay Area: $242,700 - 318,550

Mercury values diversity & belonging and is proud to be an Equal Employment Opportunity employer. All individuals seeking employment at Mercury are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, sexual orientation, or any other legally protected characteristic. We are committed to providing reasonable accommodations throughout the recruitment process for applicants with disabilities or special needs. If you need assistance, or an accommodation, please let your recruiter know once you are contacted about a role.

Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Deputy Chief Information Security Officer - Bank in United States vacancy
  •  ...Deputy Chief Information Security Officer About the Company Successful financial services provider & global investment bank Industry Banking Type Public Company Founded 1832 Employees 10,001+ Categories Finance... 
    Suggested

    Confidential

    Dallas, TX
    4 days ago
  • $235k - $270k

     ...and AI to stop fraud before it happens. Today, over 300 banks, retailers, and fintechs worldwide use Sardine to stop...  ...international travel About the Role Sardine is hiring a Deputy Chief Information Security Officer to partner closely with our CISO and help scale our... 
    Suggested
    Remote job
    Full time
    Worldwide
    Home office
    Flexible hours

    Sardine

    United States
    a month ago
  • $275k - $305k

     ...Chief Information Security Officer (CISO) Full-time Hybrid work location Achieve is a leading digital personal finance company. We help everyday people...  ...$11B in personal and home loans originations via our banking-as-a-service partner. The Chief Information Security... 
    Suggested
    Full time
    Shift work

    ACHIEVE

    Tempe, AZ
    3 days ago
  •  ...smarter, faster, and more secure financial future by revolutionizing...  ...a global leader in Open Banking Payments, we are...  ...About the team The Security & Information Technology organization is...  ...to the Global CTO, the Chief Information Security Officer (CISO) & Head of Information... 
    Suggested
    Full time
    Contract work
    Temporary work
    Work at office
    Worldwide
    Home office
    Flexible hours

    Trustly

    San Francisco, CA
    2 days ago
  • $270k - $320k

     ...them to engage and transact with leading asset managers and bank issuers on a massive scale through a wide variety of...  ...6 trillion in network assets. CAIS is seeking a Chief Information Security Officer (CISO) who pairs deep technical expertise with strategic... 
    Suggested
    Work at office
    Flexible hours
    3 days per week

    CAIS

    New York, NY
    1 day ago
  •  ...Chief Information Security Officer (CISO) Organization: Nymbus Location: Fully remote; occasional travel may be required for client meetings and team...  ...modern fintech company delivering technology solutions to banks and credit unions. We operate in a highly regulated... 
    Contract work
    Remote work
    Night shift

    The Security Executive Council

    Jacksonville, FL
    1 day ago
  •  ...Position Summary Ensuring the security of millions of card members is our most...  ...leaders. The CISO is responsible for the Bank’s Information Security Management Program including Governance...  ...~ Excellent understanding of the Office of the Comptroller of the Currency (OCC... 
    Contract work
    For contractors
    Work at office

    Credit One Bank

    Las Vegas, NV
    3 days ago
  • $225k - $270k

     ...Deputy Chief Information Security Officer Job Location(s) US-CA-Los Angeles Job ID 2026-2261 Category Information Technology Department Engineering Solutions Type Regular Full-Time Position Summary Overview... 
    Full time
    Work at office
    Remote work

    The TCW Group

    Los Angeles, CA
    5 days ago
  • $150k

     ...Overview Our top-notch Information Security team quickly finds and responds to real time threats. These critical thinkers...  ...data in this growing and ever-changing field. The Deputy Chief Information Security Officer (Deputy CISO) serves as the principal lead to the CISO... 
    Full time
    Temporary work
    Apprenticeship
    Work at office
    Local area
    Immediate start
    Remote work
    Flexible hours
    Shift work

    Touro University

    New York, NY
    4 days ago
  •  ...Deputy Chief Information Security Officer (CISO) About the Company Pioneering producer of bauxite, alumina & aluminum products with a global presence Industry Mining & Metals Type Public Company Founded 1888 Employees 10,001+... 

    Confidential

    Pittsburgh, PA
    3 days ago
  •  ...Chief Information Officer (CIO) and Chief Technology Officer (CTO) About the Company Expanding company in the payments & neo banking sectors Industry Banking Type Privately...  ...development and maintenance of secure, scalable, and efficient payment... 
    Remote work

    Confidential

    Fort Worth, TX
    5 days ago
  •  ...Information Systems Security Officer Ranking #9 in the American Banker's 2025 Best Banks to Work For, TIB is committed to serving as Trusted Partners for community banks and our employees. We take great care to maintain a commitment to excellence and personalized service... 

    TIB, N.A.

    Farmers Branch, TX
    1 day ago
  •  ...City First Bank N.A. is a mission-driven Community Development Financial Institution (CDFI) principally focused on a transformative...  ...DC and Los Angeles/Inglewood, CA. ROLE SUMMARY The Information Security Officer is responsible for monitoring, analyzing, and maintaining the... 
    Work at office

    City First Bank

    Washington DC
    3 days ago
  •  ...Job Title: Information Security Officer Summary The Information Security Officer (ISO) at German American Bank is responsible for establishing and coordinating information security efforts, privacy efforts and business resumption planning across the company. The role is... 
    Temporary work
    Work experience placement

    German American

    Owensboro, KY
    4 days ago
  •  ...A financial technology company is seeking a Chief Information Security Officer (CISO) to lead the establishment of its information security programs...  ...will develop and oversee cybersecurity governance as the bank prepares to launch. This role requires substantial experience... 
    Remote work

    Affirm

    New York, NY
    1 day ago
  •  ...address the needs of a broad range of customers and industries. Job Category Information Technology Position Summary The Executive Director, Deputy Chief Information Security Officer (Deputy CISO) is a senior cybersecurity leader responsible for partnering with... 
    Temporary work
    Local area

    Bridgestone Americas

    Nashville, TN
    6 days ago
  •  ...responsible for protecting the bank's sensitive data, ensuring...  ...will foster a culture of security awareness while...  ...implement, and maintain the bank's information security policies, procedures...  ...Structure Reports to the SVP, Chief Information Officer. Office Requirements This... 
    Work at office

    Fortis Bank

    Denver, CO
    2 days ago
  • $76 - $76.9 per hour

     ...Immediate need for a talented Cyber Security Analyst - Lead. This is a 04 months contract opportunity with long-term potential and...  ...GWAPT, or API Security Specialist. Our client is a leading Banking Industry, and we are currently interviewing to fill this and... 
    Contract work
    Local area
    Immediate start
    Remote work

    Pyramid Consulting

    United States
    1 day ago
  •  ...Architecture at JPMorganChase  within the Chief Technology Office (CTO) Line of Business, you are an...  ...today we are a leader in investment banking, consumer and small business banking,...  ...needs. Visit our FAQs for more information about requesting an accommodation.... 
    Work at office

    J.P. Morgan

    Jersey City, NJ
    5 days ago
  • $150k - $160k

    Bank of Hope is seeking a Lead Technical Analyst in Gardena, California. You will translate business needs into effective tech solutions, ensuring requirements are clear. The ideal candidate has 8-10 years in Business Analysis, strong analytical skills, and experience... 
    Full time

    Bank-of-Hop

    Gardena, CA
    1 day ago
  • Support the NY Head of Information Security in maintaining the branch’s information and cyber security posture. Assist in implementing and maintaining...  ...and compliance requirements. Ability to manage multiple tasks with supervision. #J-18808-Ljbffr National Bank of Kuwait
    For contractors
    Local area

    National Bank of Kuwait

    New York, NY
    4 days ago
  • At Open Bank, we pride ourselves on being different and OPEN to new ideas and opportunities...  ...Achieves More. Job Title: FVP & Information Security Officer Department: Risk & Compliance Hybrid...  ...procedures. Work with MIS Manager and Chief Risk Officer ("CRO") or Sr. Risk... 
    Full time
    Work at office
    Immediate start
    Remote work
    Flexible hours

    Open Bank

    Los Angeles, CA
    4 days ago
  • City First Bank is hiring an Information Security Officer to oversee and enhance the bank's security controls and compliance with industry regulations. The role includes monitoring day-to-day operations of security tools and managing user access within bank systems. The... 

    City First Bank

    Washington DC
    4 days ago
  •  ...Cybersecurity Assessments And Exercises Vice President Drive the security of critical banking applications and platforms through hands-on offensive testing. As an Assessments & Exercises Vice President in the Cybersecurity and Technology Controls organization, you... 

    Chase

    Washington DC
    3 days ago
  • $160k - $205k

     ...Job Description At Bank of America, we are guided by a common...  ...America is committed to an in-office culture with specific requirements...  ...the Application Development Security Framework Program within Bank...  ...and external threats on information systems and predict future threat... 
    Work at office
    Shift work
    Day shift

    Bank of America

    Jersey City, NJ
    1 day ago
  •  ...architecture: infrastructure, backend, frontend, smart contracts, and security ~Hire, mentor, and retain a world-class engineering team...  ...in at least one of: fintech infrastructure (payments, lending, banking-as-a-service), blockchain/smart contract development (Solidity,... 
    Full time
    Contract work

    Index Industries

    Remote
    4 days ago
  • $187k - $308k

    WHAT IS THE OPPORTUNITY? Reporting directly to the CNB Chief Auditor, the Deputy Chief Audit Executive, for CNB will assist in the oversight of...  ...the responsibility for developing the risk ratings for the banking and operations auditable entities and developing a detailed... 
    Remote work
    Flexible hours

    City National Bank

    Los Angeles, CA
    2 days ago
  •  ...for the management of the overall Information Systems & Technology solution for Orange Bank & Trust Company as well as its...  ...not limited to, governance and security. Manage and build out IT Helpdesk...  ..., telephone and other standard office equipment. Occasionally travel... 
    Work at office
    Local area

    Orange Bank & Trust Company

    Middletown, NJ
    4 days ago
  • $180k - $200k

     ...systems, ERP platforms, reporting tools, banking systems, and third-party applications....  ...Serve as the company's technology security lead and oversee enterprise cybersecurity...  ...incident response protocols. Manage information security governance, risk mitigation, and... 
    Contract work

    Solomon Page

    New York, NY
    3 days ago
  •  ...Date Revised: 05/2026 Reports to: Chief Financial Officer FLSA Classification: E8...  ...Technology is responsible for overseeing the Bank's Information Technology operations,...  ...initiatives to ensure systems operate securely, efficiently, and effectively. This... 
    For contractors
    Work at office
    Flexible hours

    Claremont Savings Bank

    Claremont, NH
    3 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Deputy Chief Information Security Officer - Bank. Be the first to apply!