Vp, Ciso

Alkami is a leading cloud-based digital banking solutions provider for financial institutions in the United States that helps clients to transform through retail and business banking, digital account opening and loan origination, payment fraud prevention, and data analytics and engagement solutions. Alkami’s Mobile App Platform has been certified by J.D. Power for providing clients with “An Outstanding Mobile Banking Platform Experience.”

Founded in 2009, we continue to be recognized for our intentional culture and tremendous growth (Best Place to Work in Fintech; Best & Brightest to Work For Nationally; and Comparably’s Best Company Culture, Best Career Growth, Best Engineering Team, and Best Places to Work in Dallas, among others). Through our bold investments in technology and people, we empower our clients to grow confidently, adapt quickly, and build thriving digital banking communities through tailored experiences for over 19.5M users.

As a remote-first company, most of our positions can be remote in the US, except for key roles, which will be indicated in the Job Title.

Follow us on Glassdoor and Linkedin!

Alkami Technology is a leading provider of next-generation digital banking that builds financial technology solutions in a SaaS delivery model, the 176th fastest growing company in America on the Inc. 5000 list, and the #1 fastest growing Texas software firm.Alkami is seeking a Chief Information Security Officer (CISO) to develop and execute on information and cyber security strategies to protect Alkami, its employees, its financial institution clients, and their millions of end-users who utilize our hosted online banking solutions.

This executive-level manager will oversee the technology budget for security technologies and services as well as a team of security engineers and analysts who implement them. The CISO of Alkami will report to our Chief Legal Officer and be directly responsible for ensuring our company maintains a high degree of confidentiality, integrity, and availability across across the enterprise.This position requires a tactical and visionary leader with in depth knowledge of business management, the financial services industry, and comprehensive understanding of
information security technologies and threats.

An ideal candidate will be highly knowledgeable, technical, and aggressively pursue continuous improvement of Alkami’s security posture. The CISO will need to regularly educate and report to stakeholders on enterprise security risks and provide solid recommendations to mitigate them. They will be experienced with software engineering security and help steer a secure software development lifecycle. They will also be seasoned in supporting DevOps teams in public cloud
infrastructures (such as AWS or Azure) in meeting availability and flexibility needs in a secure and compliant way, to the satisfaction of Prudential Regulators.

Responsibilities & Duties

1. Mature and execute a comprehensive cybersecurity strategy that satisfies Alkami’s business needs, regulatory requirements, and security industry best practices.
2. Direct and approve the design and application of security systems.
3. Review and approve security policies and administrative, technical, and physical security controls.
4. Refine and extend vulnerability management programs, penetration testing initiatives, and key security indicator (KSI) dashboards for reporting on posture and readiness to executive stakeholders.
5. Collaborate with in-house compliance and legal experts to help maintain an enterprise risk management program.
6. Collaborate with human resources and other business units to develop effective security programs for reducing risk, increasing user awareness, and improving Alkami’s overall security posture.
8. Develop the talents and expertise of the security teams reporting to the CISO.
9. Provide leadership across the company in incident response scenarios as well as technically thorough root cause analysis for internal and external stakeholders.
10. Present to customers (both current and prospective) on the design, effectiveness and status of our security program.
11. Present to the Board of Directors on the status of our security program and highlight emerging risks posed to the business.

Requirements

● 15+ years of demonstrated experience in information security and cybersecurity techniques, processes, and procedures across a variety of domains, including risk management, software engineering, and hosted and public cloud operations.
● 5+ years of experience driving and executing compliance assessments for regulatory requirements and industry standards such as FFIEC, GLBA, PCI, SOC 2 Type II, and CIS, NIST and NCUA guidelines.
● 5+ years of experience managing security engineering teams that deploy security tools such as DDoS, IPRM, WAF, DLP, IDPS, NGAV, 802.1X, and SIEM.
● 5+ years of experience managing security operations teams that develop alerting capabilities, respond to escalations, and triage incidents, especially such as overseeing a Security Operation Center (SOC) for a large, hosted B2C solution.
● 3+ years of experience working with software engineering teams in building secure and pragmatic development practices, including the full integration of SAST and DAST tools into the continuous integration pipeline.
● Bachelor’s degree in management information systems, computer science, information assurance, or cybersecurity, or 5 additional years of relevant experience to compensate.
● Experience regularly presenting to executive management and the board of directors with clear speaking and writing skills to provide effective communications and influence to advance Alkami’s security posture.
● Demonstrated knowledge of advanced security principles, including cryptographic protocols, ciphers, encryption and hashing algorithms, and related technologies.
● Attention to detail, high degree of urgency, a healthy degree of skepticism, a strong passion for excellence in your work, and a pragmatic approach to cooperating with highly-skilled teams.
● Able to successfully pass required criminal background and professional reference checks and drug testing.

Desired Skills

● Strong technical aptitude, with the ability to effectively communicate with a deep level of working knowledge of all areas of security, as well as with other constituents in a workforce consisting of
expert software developers who need to communicate requirements and results.
● Strong technical understanding of the evolving cyber threat environment, including in-depth knowledge of or participation in FS-ISAC and other threat intelligence sharing communities.
● Demonstrated ability to document and diagram processes, procedures, as well as proactively develop guidelines, internal standards, and baselines.
● Active or past certification in any of CISSP, CCSP, SSCP, CSA CCSK, CCFP, CISA, CISM, or other relevant, comprehensive information security, security engineering, or security operations certifications.
● Ability to support an environment and projects that may require irregular or long working hours, such as to support the team through maintenance windows for planned upgrades and project milestones, and handle escalations of security concerns outside of normal working hours to address urgent situations.
● Previous experience supporting and addressing security concerns in a multi-tenant, hosted solution in a cloud-based architecture.
● Previous experience supporting and securing B2C financial technology solutions, such as online banking, payments solutions, and similar use cases susceptible to similar threat actors.

The salary range for this position is: $240,000 - $360,000

Cool Things to Know

Not Just Any Company: Alkami has an awesome diverse and inclusive environment. We have a FUN culture and offer great benefits, including remote-first environment, unlimited paid time off, 401(k) with employer match, and more.

Work Authorization: We cannot offer employment sponsorship at this time. Candidates must be eligible to work in the US for full-time employment.

Recruiters: We are not looking for outside recruiting firms to help us in this search. Thank you for understanding.

Pay Transparency: As of January 1, 2023, new states and locales have enacted pay equity laws that require more pay transparency by employers in the following states: California, Colorado (effective January 1, 2021), Connecticut, Maryland, Nevada, New Jersey, New York, Ohio, Rhode Island and Washington.

The Important Stuff

Alkami Technology is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: Alkami is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Alkami are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Alkami will not tolerate discrimination or harassment based on any of these characteristics. Alkami encourages applicants of all ages.

#LI-REMOTE

J.D. Power 2024 Mobile App Platform Certification ProgramSM recognition is based on successful completion of an audit and exceeding a customer experience benchmark through a survey of recent servicing interactions. For more information, visit jdpower.com/awards.