Director of Information Security & IT - Branch

Branch is on a mission to help working Americans grow financially. We do this by helping companies accelerate payments and empower working Americans with accessible, fee-free financial services. We’re committed to building and delivering more inclusive and transparent financial products.

Come join our team as we develop new ways to improve the lives of working Americans. Our mission starts with empowering our own employees. Have a great idea? Share it today and it might just get implemented tomorrow. As a team member at Branch, your voice and creativity can directly impact the product and company. We not only attract great talent from across the country, but also build teams to help that talent to thrive. That means valuing a diversity of opinions and working styles, while creating a shared belief in innovation, initiative, and winning together. 

Reporting to the Chief Information Officer, the Director of InfoSec & IT is a dynamic business and technology leader who will provide overall leadership, vision, and direction for our comprehensive Information Security organization. This role is critical to enabling the company to deliver its strategy while protecting the security and integrity of company technology assets and critical information, including customer data, intellectual property, personally identifiable information and to maintain the company’s overall brand in the marketplace. This leader will bring both hands-on and strategic thought leadership regarding security, technology, products, risk management and IT Compliance to create strong partnerships across business units and functional groups to ensure the company’s security and compliance goals are directly in-line with and will facilitate broader business objectives.

The Director will provide direct leadership to the Corporate Information Security team, including global internal employees and third-party contractors. The group is focused on a wide variety of work, including monitoring the security environment, and partnering with other functional groups to drive enterprise security solutions and standards. This includes policy creation, cyber awareness & education, incident prevention, detection and response, risk management, identity and access administration, and maintaining IT compliance to customer and regulatory obligations.

The Director will be comfortable working in a fast-paced, collaborative, environment, strategically identifying, implementing, and achieving value from goals and priorities. The person in this role must be comfortable working with ambiguity, collaborating with senior leaders (e.g., Branch executives, external audit partners, etc.), have a proven track record of hiring, developing and growing talent, strong leadership presence and demonstrate outstanding communication skills – specifically, having the ability to translate technical vision, roadmaps and decisions into a clear, inspiring story that enables the organization to quickly align and drive results. There is a significant stakeholder management responsibility, including our full Executive Team, and Board of Directors.

Responsibilities include, but are not limited to

• Develop and/or execute an enterprise-wide security, risk and compliance strategy and roadmap that mitigates risk through the right balance of controls and operational flexibility.
• Establish/maintain policies, procedures, standards and guidelines that enable the security and IT Compliance strategy.
• Threat Assessment and Scenario Planning – Identify security vulnerabilities and risks associated with the company’s operations, including partnering with business units to build threat assessment into vendor selection, product design and the development processes.
• Identity & Access Management – Drive the strategies, tools and processes are in place to support security, regulatory and compliance requirements.
• Maintain industry leading detection and containment capability to identify and mitigate sophisticated cyber-attacks against the company.
• Continuously improve operational security and compliance procedures for optimal and effective outcomes, including assessing and testing for vulnerabilities.
• Respond to and resolve risk findings, security exposures, incidents and/or control deficiencies.
• Work directly with the business units and operations group to ensure that the right security capabilities are built into the application development process.
• Oversee the evaluation, selection and implementation of vendor services and tools that support information security and compliance
• Participate in the formation and execution of business continuity planning, and drive disaster recovery planning and execution across multiple business and geographic sites.
• Manage internal and external assessments of security, disaster recovery and compliance (certification and accreditation).
• Provide security awareness training, information and education to employees, contractors and partners.
• Participate in the development, implementation and ongoing compliance to information privacy requirements in technology solutions
• Develop and maintain a program that informs business unit and functional group leadership of the top security risks and overall security health of their organizations.

Qualifications: 

• Bachelor’s degree in Computer Science, Information Technology, Business Administration or related field. Master’s degree preferred
• Eight+ (8) years of information technology experience, including 3 years of leadership experience with solid background in information security and data privacy.
• Experience with security and regulatory regulations, business continuity/disaster recovery, IT audits, risk management, vulnerability assessments, incident management and security operations.
• Proven ability to be an effective senior leader to a team of highly trained personnel and consultants, interact effectively with various law enforcement agencies, auditors, consultants, suppliers and business stakeholders.
• Demonstrated experience dealing with the security challenges and issues confronting a large, global diverse organization and work across organizational boundaries to drive change in a fast paced environment.
• Strong oral, written and interpersonal communication skills.
• Experienced in and able to formulate the cost benefit of security initiatives in the context of overall business risk mitigation and the company’s operational objectives. Ability to compare, contrast and prioritize among alternative approaches to meet those objectives.
• Security certification/accreditation, including, CISM, CISSP, GIAC are highly desired.
• Demonstrates sound judgment and an influential approach to provide risk-based security and process leadership to protect the company.
• Viewed as a security and technology expert across the organization and among external security and compliance peers.
• Build a strong team with the right leadership and technical skills to deliver on the strategy. Continue the development of the team as an asset.
• Build a strong information security mindset across the company’s functional, business, and technology organizations.
• Serve as trusted advisor to senior management and the organization in the development, implementation, and administration of information security, regulatory requirements and policies and procedures, the information security infrastructure and on security and privacy related issues. Manage risk through shared vision with the business leaders.

U.S. Person (citizen or permanent resident of the United States is required)

Benefits: 

• Work from anywhere 
• Branch-paid medical, dental, and vision insurance 
• Equity
• 401k
• Flexible time off
• Paid company holidays
• Paid parental leave

Branch is an equal opportunity employer and we value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Working at Branch

Headquartered in Minneapolis but with employees located all throughout the US, Branch emphasizes transparency, accountability, and trust to create a collaborative environment where our product, engineering, marketing, customer support, customer success, and sales teams can all thrive together.

Our teamwork has enabled us to become an award-winning fintech company, with Branch’s innovation and workplace recognized across industries. Branch has been honored by the Webby Awards, Benzinga Fintech Awards, Fintech Breakthrough Awards, Top Workplaces USA, and EY Entrepreneur of the Year, Heartland, among others.  

Learn more about our culture, approach, technology, and people here: https://www.branchapp.com/about