Chief Information Security Officer

Remote Full-time
EP Wealth Advisors (EPWA) is a wealth management advisory firm with over $42.2 billion as of December 31, 2025, serving predominately high net worth individuals. EPWA fosters an inclusive environment that offers opportunities for our associates to learn, grow and enhance their skills to take on new challenges to progress in their professional careers.

Job Summary:

The Chief Information Security Officer (CISO) is the senior leader accountable for EP Wealth’s enterprise Information Security program, responsible for setting strategy, building and operating a risk-based security function, and ensuring protection of EP’s clients, advisors, and associates.

We are seeking a hands-on, cloud-native Chief Information Security Officer to lead EP’s enterprise information security program as the firm scales. This player-coach will both set security strategy and risk appetite at the Executive/Board level and roll up their sleeves to design and deliver technical controls, processes and measurable outcomes - strengthening identity and access management, endpoint and cloud security, detection & response, data protection, third-party/custodial risk management, and security governance. With a relentless focus on client trust and operational resilience, the CISO will partner closely with Technology, Legal, Compliance, Risk and Business leadership to enable growth while protecting clients and staff, meeting regulatory obligations, modernizing controls and tooling, and ensuring production readiness for cloud, SaaS and data platforms (e.g., Snowflake, Salesforce, Agentforce) and AI initiatives.



Key Responsibilities:

Strategy, Governance, and Risk Leadership


Define and execute a multi-year Information Security strategy and roadmap aligned with EP’s business priorities, regulatory requirements, and risk appetite.
Mature security governance: policies, standards, exception management, risk decision frameworks and formal production gates.
Lead enterprise risk assessments, threat modeling, remediation prioritization, and executive/Board reporting on security posture and program progress.
Translate security risk into business terms and recommend prioritized investments.




Cloud-Native Security & Architecture


Lead security architecture and engineering decisions across our cloud environment, with a strong emphasis on:


Zero Trust principles
Strong Authentication / MFA, privileged access management (PAM)
Device trust and conditional access


Partner with Product & Technology leadership to embed security into architecture reviews, platform selection, and modernization initiatives
Implement CSPM, runtime protection, IaC scanning, network segmentation, and automated compliance checks for cloud workloads.




Security Operations, Monitoring, and Incident Response


Oversee security operations including threat intelligence, monitoring, detection, investigation, and response (internal team and/or managed partners)
Maintain and regularly exercise an Incident Response (IR) program, including playbooks, tabletop exercises, executive communications, and coordination with Legal and external counsel
Ensure high-confidence processes for evidence handling, third-party coordination, and post-incident lessons learned




Securing Agentic AI & Data


Lead the security aspects of data protection: classification, encryption, secure sharing, retention, and data loss prevention (DLP) controls.
Define security guardrails for agentic workers and production AI: data minimization, secure feature stores, model access controls, inference governance, model explainability and drift detection.
Partner with Data & Engineering to secure MLOps pipelines, model registries, and production inference. Ensure safe prompt/data handling and auditability for agents.




Security Culture, Awareness, and Training


Drive an enterprise security awareness program tailored to EP’s environment (advisor-facing, client-facing, corporate staff).
Promote a culture of “secure by default,” emphasizing practical behaviors that reduce social engineering risk.




Third-Party and Vendor Risk Management


Transform and direct the program to evaluate and monitor third parties (SaaS, vendors, custodians, and key partners), including:


Security questionnaires, attestations (SOC 2/ISO), and contract security requirements
Ongoing monitoring and periodic reassessments






Secure Development and Technology Enablement


Partner with Engineering/IT to mature secure engineering practices, such as:


Security requirements in the SDLC
Vulnerability management and remediation SLAs
Configuration baselines, hardening standards, and security testing






Team Leadership and Program Operations


Build, lead, and mentor a high-performing security team and partner ecosystem
Establish KPIs and program metrics that drive measurable improvement (e.g., phishing resilience, MFA coverage, patch SLAs, EDR coverage)
Manage budget and vendor relationships to ensure efficient, effective security coverage

