Director, Information Risk Management
North Dallas Campus, United States
Texas Capital is built to help businesses and their leaders. Our depth of knowledge and expertise allows us to bring the best of the big firms at a scale that works for our clients, with highly experienced bankers who truly invest in people’s success — today and tomorrow.
While we are rooted in core financial products, we are differentiated by our approach. Our bankers are seasoned financial experts who possess deep experience across a multitude of industries. Equally important, they bring commitment — investing the time and resources to understand our clients’ immediate needs, identify market opportunities and meet long-term objectives. At Texas Capital, we do more than build business success. We build long-lasting relationships.
Texas Capital provides a variety of benefits to colleagues, including health insurance coverage, wellness program, fertility and family building aids, life and disability insurance, retirement savings plans with a generous 401K match, paid leave programs, paid holidays, and paid time off (PTO).
Headquartered in Dallas with offices in Austin, Fort Worth, Houston, Richardson, Plano and San Antonio, Texas Capital was recently named Best Regional Bank in 2024 by Bankrate and was named to The Dallas Morning News’ Dallas-Fort Worth metroplex Top Workplaces 2023 and GoBankingRate’s 2023 list of Best Regional Banks. For more information about joining our team, please visit us at www.texascapitalbank.com.
Brief Overview of Position
As the Director of Information Risk Management in the Bank's second line of defense, you will play a pivotal role in safeguarding the organization's information assets. Your duties will encompass elevating information security awareness and training, ensuring robust information governance practices, profiling line of business risk, and conducting comprehensive information risk assessments. Your role will involve interfacing with other directors on the team and various lines of business to ensure that information risk is addressed comprehensively across the enterprise. As the review and challenge function for the first line of defense, you will critically evaluate their risk assessments, ensuring all identified risks are managed effectively and aligned with the Bank's overall risk management framework. This collaborative approach ensures a cohesive strategy for mitigating information security risks throughout the organization.
Responsibilities
- Create annual security awareness courses and monthly phishing testing exercises aimed at bolstering the security knowledge and behaviors of employees.
- Collaborate closely with the first line of defense to integrate robust information risk management practices into business processes and operations.
- Regularly update information risk-related policies and programs to reflect the latest regulatory requirements and industry standards set by entities such as FFIEC.
- Oversee the information governance framework based on guidelines provided by entities such as BCBS and FFIEC, establishing clear ownership and accountability for information assets.
- Conduct annual assessments, including GLBA, CRI Profile assessment, Ransomware readiness self-assessment, SWIFT CSP, and PCI.
- Define and execute an assessment calendar to systematically review and mitigate information risks across all business units.
- Develop comprehensive reports and presentations for management, risk committees, and the Board to facilitate informed decision-making.
- Gather necessary information risk management documentation and data to support internal and external audit and regulator requests.
- Review and validate first line of defense ("1LOD") and second line of defense ("2LOD") documentation and data submitted to internal and external audit and regulators for completeness and accuracy.
Qualifications
- Minimum 8 years in financial services, preferably directly in risk management related to Risk Control Self-Assessment (RCSA), Key Risk Indicator (KRI), internal/external losses, scenario analysis, FCC, fair lending, organizational change management, and/or program strategic design and execution
- Risk Compliance and/or Audit experience, with experience reading, interpreting, tracking, and administrating regulatory and general risk requirements
- Prior management experience
- Working knowledge of laws and regulations impacting financial institutions
- High degree of professional ethics and integrity
- Expertise utilizing RSA-Archer Governance Risk Compliance (GRC) system functionality in a large financial services firm
- Strong ability to interact and influence at senior levels of the organization
- Ability to report risks and implement change
- Advanced analytical mindset, focused on results with critical thinking, problem-solving, and decision-making skills
- Ability to self-direct and manage competing priorities on concurrent large, complex projects, initiatives and deliverables
- Ability to articulate regulatory applicability, compliance risk(s) and applicable mitigation strategies effectively to business leadership and compliance leadership
- Demonstrated conceptual thinking and analytical skills
- Ability to perform and lead in a fast-paced, transformative environment
- Strong technical proficiency in the use of MS Office including Visio, PowerPoint, Excel and Word and experience using these tools to analyze data, document workpapers, and present results to management.
- Certifications related to information risk, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), or Certified Information Systems Auditor (CISA) preferred.
The duties listed above are the essential functions, or fundamental duties within the job classification. The essential functions of individual positions within the classification may differ. Texas Capital Bank may assign reasonably related additional duties to individual employees consistent with standard departmental policy.
Texas Capital is an Equal Opportunity Employer.
Tags: CISA CISM CISSP Compliance CRISC FFIEC GLBA Governance Risk assessment Risk management RMF RSA Strategy
Perks/benefits: 401(k) matching Fertility benefits Flex vacation Health care Insurance Wellness