Information Security Analyst
Job Description
Information Security Analyst
Location: United States
Job Type: Full-Time | Non-Exempt | Remote Eligible
Salary Range: $75,000 – $95,000 per year
About Commercial Bank of California
Commercial Bank of California (CBC) is the largest Latino-owned bank in California and a certified Minority Depository Institution (MDI). Headquartered in Irvine and founded in 2003, CBC is one of the largest privately held banks in the state, with over $3.5 billion in assets as of December 2025.
We are a purpose-driven financial institution committed to building long-term relationships and delivering innovative, personalized banking solutions. Our leadership reflects the diverse communities we serve, and our mission is rooted in empowering entrepreneurs, business owners, and community leaders to thrive.
As a certified MDI, CBC is proud to play a vital role in advancing financial inclusion and economic opportunity. We believe in a higher vision for banking—one that prioritizes trust, collaboration, and community impact. Join us and be part of a team that’s redefining what it means to be a community-focused, relationship-driven bank that puts people over profits.
Job Summary
We are looking for a skilled and adaptable Information Security Analyst who is passionate about protecting critical systems and helping strengthen cybersecurity across our organization.
In this dynamic role, you will contribute across multiple security functions, take ownership of key initiatives, and work closely with cross-functional partners to support a resilient and secure banking environment.
You will play an important role in both preventive and detective security efforts, partnering with internal teams and external vendors to enhance the bank’s security posture and support ongoing regulatory compliance.
The ideal candidate is proactive, detail-oriented, and collaborative, with strong technical expertise, sound judgment, and a solid foundation in information security and compliance practices. If you thrive in a fast-paced environment, communicate effectively, and enjoy solving complex challenges, this is an excellent opportunity to make a meaningful impact.
Essential Duties and Responsibilities
- Help protect the organization by monitoring, investigating, and responding to security alerts generated by enterprise security tools in partnership with management and engineering teams.
- Expand your technical expertise by supporting and serving as backup administrator for a wide range of security tools, including data loss prevention, firewalls, intrusion prevention, cloud content filtering, file integrity monitoring, email security, brand and dark web monitoring, security awareness platforms, privileged access management, endpoint and cloud security, SIEM, and AI-driven detection and response solutions.
- Play a key role in strengthening access governance by coordinating annual user access reviews across applications, cloud environments, network infrastructure, hypervisors, and other critical systems.
- Contribute to a strong security culture by helping develop departmental communications, employee awareness content, and training materials.
- Help drive continuous improvement by documenting, tracking, and supporting remediation of identified control gaps through security posture management, self-assessments, and risk assessment activities.
- Support the bank’s vulnerability management efforts by administering scanning tools across networks, hosts, web applications, and APIs, reporting findings, and partnering with IT on remediation.
- Support oversight of privileged and administrative activity across critical systems to help ensure access and changes align with approved requests and security standards.
- Support security awareness initiatives by coordinating quarterly social engineering tests, follow-up training, retesting, and phishing reporting programs.
- Support secure asset handling by sanitizing IT equipment in accordance with Information Security Policy requirements.
- Contribute to the development and maintenance of security procedures, standards, and documentation that support a strong control environment.
- Partner with internal stakeholders to support audit and regulatory requests by gathering information and responding to documentation needs.
- Take on additional projects and responsibilities that support team goals and provide opportunities for growth.
- Occasional travel of up to 5% to corporate locations may be part of this role.
Minimum Qualifications
Education and Experience
- Bachelor’s degree in Information Security, Computer Science, Information Systems, or a related field, or equivalent practical experience.
- Relevant security certifications are preferred, such as CISSP, CISA, CISM, CEH, or Security+.
- At least three years of hands-on or audit experience in IT, information security, or security operations within a regulated environment, including FFIEC, FDIC, NACHA, or PCI frameworks.
- Strong understanding of applicable legal and regulatory requirements, including FFIEC guidance and FDIC and DFPI rules and regulations.
Preferred Qualifications
- Experience with network penetration testing and vulnerability scanning.
- Experience securing and monitoring applications, cloud environments, networks, hypervisors, and enterprise systems.
Skills and Abilities
- Strong analytical, critical thinking, decision-making, and problem-solving skills.
- Ability to prioritize work, manage multiple tasks, and meet deadlines with minimal supervision.
- Ability to respond to escalated support issues with urgency and professionalism.
- Ability to quickly learn new technologies using documentation, research, and available resources.
- Strong written and verbal communication skills, with the ability to work effectively with employees, executives, and external vendors.
Collaborative team player with the ability to work effectively across diverse teams and contribute to a positive, results-driven environment.
Benefits & Perks
- Competitive employer contribution to medical, dental and vision coverage
- 401k plan with employer match
- Flexible Spending Accounts (FSA) and Dependent Care Accounts
- Employee Assistance Program (EAP)
- Employer provided Calm subscription
- Employer provided mental health benefits through Teladoc
- Life, AD&D and disability insurance
- Minimum 15 Days of Vacation, 11 Paid Federal Holidays, Paid Time off to Volunteer
- Online discount program
- Tuition Reimbursement Program
Join Our Team!
- Submit your resume to Apply to Your Position Here
Equal Employment Opportunity & Accommodations
Commercial Bank of California is proud to be an Equal Employment Opportunity employer. We are committed to creating an inclusive environment for all employees and applicants. All qualified individuals will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, national origin, disability, protected veteran status, or any other legally protected characteristic.
We evaluate applicants fairly and equitably, including those with criminal histories, in accordance with applicable federal, state, and local laws.
Commercial Bank of California is also committed to providing reasonable accommodations to individuals with disabilities. If you require a reasonable accommodation during the application or interview process, please contact us at hr@cbcal.com with the nature of your request and your contact information.
Recruitment Policy
Commercial Bank of California does not accept unsolicited resumes from any source other than directly from a candidate. Any unsolicited resumes sent to CBC, either directly or indirectly, will be considered the property of Commercial Bank of California.
We will not pay a fee for any placement resulting from the receipt of an unsolicited resume. To submit candidates for consideration, recruiting agencies must have a valid, written, and fully executed agreement with Commercial Bank of California. Without such an agreement in place, no agency submissions will be accepted or compensated.
