Job Description

The Senior Information Security Architect is a highly motivated individual with a passion for protecting enterprise information systems. This position will work closely with the CISO and other senior management to understand evolving business and regulatory requirements for Bank systems, work closely with operational teams to understand the processes and technologies meeting those requirements, and assess whether those systems operate in a manner that not only meet security policies and standards but are well protected against the current threat landscape. The Senior Information Security Architect will proactively work with stakeholders to remediate identified system vulnerabilities and act as a consultant to others, both technical and non-technical, needing advice on a broad range of information security topics.

While this role utilizes a high degree of professional oral and written communication skills to communicate with stakeholders and update written policies and standards guides, this individual is also expected to be hands-on (technically) when needed to ensure security controls are working optimally and act as a last line of support when issues with security controls arise. The Sr. Information Security Architect assists the CISO with risk assessment activities via tabletop and penetration test exercises, selecting and implementing security controls, and documenting the results of their activities while executing the Information Security Program. This role may require after-hours support should serious security incidents and major production issues arise.

Essential Duties

• Researches, designs, plans and advocates for the security architecture for IT systems.
• Develops, reviews, and determines installation security requirements for LANs, WANs, VPNs, firewalls, routers, and related network devices.
• Works with IT stakeholders to define baseline security configuration standards for operating systems, network segmentation, and cloud services.
• Determines security protocols by evaluating business strategies and requirements.
• Responds to and investigates security incidents and provides thorough post-event analysis.
• Reviews system security measures, tracks deficiencies, works with stakeholders to remediate and develops the necessary controls to ensure deficiencies are not reintroduced into the system.
• Conduct regular testing and monitoring of network security.
• Serves as primary resource for security Software Development Life Cycle (SDLC) practices.
• Research and provide technical guidance to IT and Bank Security staff as needed, as well as acts in a mentoring role.
• Monitor and perform security operations tasks to ensure security controls work as expected.
• Track information security related corrective actions and approved exceptions.
• Create and maintain information security documentation, such as policies, procedures, standards.
• Cultivate and maintain good working relationships with stakeholders to ensure continued application of, and compliance to security guidelines.
• Updates job knowledge by tracking and understanding emerging security practices and standards, participating in educational opportunities.

On Call Support

When scheduled for on-call duty, this position is responsible for all end-user support after hours and ensuring that response times and service levels are within the guidelines established by management. Bank Security personnel must ensure that cell phones are on and available in the event of end-user support call or outage alert via text message as well as quick access to workstation/laptop. Bank Security personnel may be expected to be available to respond to critical situations, even if not scheduled for on-call duty.

Complies with all State and Federal Banking regulatory requirements, including but not limited to: BSA, Anti-Money Laundering OFAC, CIP, Financial Elder Abuse Reporting, Sexual Harassment, Information Security and privacy requirements. This position will elevate suspicious activity to supervisory staff and/or BSA department. Completes compliance and other technical training workshops as assigned.

Required Knowledge

• Understanding of information security concepts and domains.
• Experience working with vendors to implement security-related projects.
• Strong understanding of Microsoft Active Directory access rights, user access provisioning, SQL access and Operating System security.
• Understanding and/or experience with the following security technologies, firewalls, web application firewalls, IDS/IPS, e-mail encryption gateways, vulnerability scanning tools, forensics tools.
• Experience with log/packet capturing & decoding of various attack signatures, such as recognizing SQL injections, cross-site scripting attacks, etc..
• Ethernet, TCP/IP, DHCP, DNS, Active Directory and enterprise level backup software.
• Experience with SIEM systems such as SumoLogic or Splunk.
• Experience/understanding of security architecture such as TOGAF, DoDAF, etc.
• Understanding security frameworks such NIST CSF and/or standards like ISO27001, PCI-DSS, etc.
• Experience securing cloud computing environments.
• Open Source Software development process.

Basic Knowledge, Skills and Abilities

• Effective verbal and written communications, including documenting activities, writing reports, and presentation skills for findings and recommendations.
• Clear understanding of the English language (spoken and written) .
• Customer service skills
• Time management skills
• Project planning and execution skills
• Detail-oriented
• Critical thinking, judgment and problem-solving skills
• Ability to actively listen and learn
• Ability to work both independently and with others at all levels
• Ability to respectfully communicate with Supervisors and Co-workers
• Ability to effectively deal with unpleasant, angry or discourteous people

Officer Title Eligibility

For qualified positions, the Bank may designate an Officer Title to an employee who seeks and/or meets defined competencies for an eligible position. This position qualifies for the officer title of Vice President.

Equipment Operated

• Operates standard electronic computers and customary office equipment required to perform essential job functions.
• Use of equipment is required, with or without reasonable accommodation, in accordance with the Americans with Disabilities Act (ADA) and the California Fair Employment and Housing Act (FEHA).

Physical Requirements & Work Environment

The physical demands and work environment characteristics described below are representative of those that must be met by an employee to successfully perform the essential functions of this position. Nothing in this description is intended to limit the availability of reasonable accommodation under applicable law.

• Ability to perform repetitive movements associated with office and computer-based work.
• Ability to sit and or stand for extended periods of time to perform essential job functions.
• Ability to lift, carry, or move objects weighing up to 25 pounds, with or without reasonable accommodation.
• Ability to use hands and fingers to handle, manipulate, or feel objects and operate standard office equipment.
• Work is primarily performed in an office environment with a controlled temperature and standard office conditions.

Education and Experience

• Minimum of 10 years of applicable security and system administration experience
• Bachelor’s degree in computer science or related technical discipline or equivalent experience
• Security Certifications preferred from GIAC, ISC2, CompTIA such as CISSP, SSCP, CCSP, GCIH, CEH, etc.
• Preferred experience in Cloud (Azure), Ai (Copilot), and Infrastructure as Code

Minimum Absence Requirement

As part of the Bank’s internal control and risk management framework, certain positions are designated as sensitive positions. Employees in sensitive positions are required to take a minimum of two (2) consecutive weeks of absence from their duties each calendar year.

This position has been classified as a sensitive position. Accordingly, the selected employee will be required to comply with the mandatory consecutive absence requirement annually, in accordance with Bank policy. The required absence will be scheduled in coordination with management and will comply with all applicable federal, state, and local wage and hour and leave laws, including California requirements. Any paid or unpaid status during this absence will be administered in accordance with applicable law and Bank policy.

Disclaimer

This job description is not intended to be all‑inclusive. Employees may be required to perform other reasonably related duties as assigned by their immediate supervisor or management, consistent with business needs and applicable law.

Farmers and Merchants Bank of Long Beach reserve the right to revise or change job duties and responsibilities at any time to meet business needs. This job description is not intended to be all‑inclusive and does not constitute a written or implied contract of employment.

April 2, 2026