Share this Job
Apply now »

Manager, Cyber Security Risk & Compliance

Tulsa, OK, US

Req ID: 69583 

Job Location: Tulsa Tulsa OK 

Areas of Interest: Information Security 

BOK Financial (BOKF), Headquartered in Tulsa, Oklahoma, BOK Financial Corporation (NASDAQ: BOKF) is a top 25 U.S.-based financial services holding company with operations in ten states – Oklahoma, Texas, Arkansas, Arizona, Colorado, Kansas/Missouri, New Mexico, Nebraska and Wisconsin. The company began more than 100 years ago in Tulsa and has successfully diversified into a variety of industries, businesses and geographies.                  .

Bonus Type



If you are looking for a career that combines a passion for innovation, an opportunity for growth, and a culture of teamwork, then you've come to the right place.  We have an exciting leadership opportunity awaiting someone like you!

About the Role

This highly visible role will lead a group of security consultants/analysts in the delivery of the Security Risk Management services and products for the Bank.

You will manage complex processes related to the assessment of information security and cyber threat risks to BOK Financial technology-based information, systems, applications and computing infrastructure. 

You will serve as the Subject Matter Expert on risk assessment methodology, assessment facilitation with risk owners and information security regulatory requirements.  You will also possess knowledge of cyber threat risk mitigation controls and protection practices within BOK Financial and the financial services industry sector.

You will ensure the Security Risk Management program is effectively integrated into the Information Security Management System and Cyber Security Framework. 

What You Can Expect

Each day will have variety in the fast-paced world of cyber security risk and compliance.  Your expertise in Information Technology, Risk and Compliance combined with the ability to lead a team is key to your success.  You will work closely with lines of business, Information Technology (IT) and other necessary stakeholders to meet our risk and compliance program objectives.  You will be the primary interface with the Vendor Management Office (VMO) to assess and determine information security risks related to the supply chain to include third-party providers.

Your executive presence and storytelling ability will be able to articulate technical issues to a diverse audience including the executive leadership team, line of business leaders, regulators and internal/external auditors.  

Team Culture

You will work in a fast-paced, challenging, and exciting environment.  You will partner with departments across the organization and lead your team members, sharing best practices and collaborating on risk prevention.

How You'll Spend Your Time

  • You will ensure BOK Financial remains in compliance with applicable standards and regulations, including evolving data security privacy principles.
  • You will develop, execute, and manage the processes for risk and control assessment of BOKF’s enterprise-wide SRM program to ensure alignment with policies and standards.
  • You will collaborate with broader IT and IS teams to remediate any identified process gaps.
  • You will oversee the maintenance of metrics and KRIs used to demonstrate relative risk.
  • You will contribute to the Information Security roadmap to ensure that all SRM activities are aligned with the CISO's strategy and supporting programs.
  • You will oversee the development and execution of third party service provider information security risk assessment processes.
  • You will manage the relationships with the internal customers and lines of business.
  • You will formulate action plans for achieving objectives and set realistic and challenging objectives and standards of performance for team members.
  • You will align team members to shared goals and create opportunities for teamwork.
  • You will develop your team by communicating job expectations, coaching, mentoring, and providing professional growth opportunities.
  • You will research evolving cyber security technologies to build upon knowledge base, identify trends and use acquired knowledge to determine and recommend changes.

We'd Like to Talk to You

BUILDING A HIGH PERFORMING TEAM: You’re able to listen, collaborate, respond, coach, and provide constructive feedback; keeping your team engaged is necessary for high achievement.

FORWARD-THINKING: You anticipate the implications and consequences of situations and take appropriate actions, and prepare for possible contingencies.

COLLABORATION: Enjoy working in teams and across departments with a proficiency to follow-up and follow-through.

PROBLEM SOLVER: Because every day is different, you must be a problem solver and self-starter. There are so many pieces of the puzzle to keep track of. The complexity of problems to solve will increase as your experience does.

COMMUNICATION: You will need exceptional verbal and written communication to express yourself clearly and concisely to internal and external clients.

RESULTS ORIENTED: You show initiative as you focus on the desired deliverables, while meeting and exceeding your goals.

TECHNICAL EXPERTISE: Your curiosity will drive you to think deeply, rationally, and creatively. Your tech-savviness will help you learn and navigate multiple systems.

Education & Experience Requirements

The required level of knowledge is normally acquired through a Bachelor’s Degree in Computer Science, Management of Information Systems or related field.  Preferred certifications:  CISSP, CISM, CRISC, GMON (SANS), and GCIH (SANS) or related certification

  • Minimum 2 years of experience leading and managing a team
  • 8 – 10 years of experience within Information Security, Risk and Compliance or Information Technology and a minimum of 2 years managing complex initiatives in areas of risk management and/or regulatory compliance
  • Comprehensive experience with creating and documenting risk methodologies, maintaining risk registers, and initiating and executing risk assessments
  • Strong knowledge of latest information security standards and regulations to ensure compliance both with internal security policies and external compliance requirements
  • Thorough understanding of Information Security frameworks and best practices (e.g., PCI, SOX, ISO, NIST)
  • Thorough understanding of project management methodologies and application
  • Working knowledge of banking systems and business practices
  • Familiarity with applicable legal and regulatory requirements, including, but not limited to, the U.S. Sarbanes-Oxley Act, the U.S. Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI-DSS), and Federal Financial Institutions Examination Council (FFIEC).
  • Strong project management skills and experience in creating and managing project plans, including budgeting and resource allocation

Working Conditions & Physical Requirements

Office - 20 lbs

BOK Financial is a stable and financially strong organization that provides excellent training and development to support building the long term careers of our employees. With passion, skill and partnership you can make an impact on the success of the bank, our customers and your own career!

Apply today and take the first step towards your next career opportunity!
BOK Financial is an equal opportunity employer.  We are committed to providing equal employment opportunities for training, compensation, transfer, promotion and other aspects of employment for all qualified applicants and employees without regard to sex, race, color, religion, national origin, age, disability, sexual orientation, genetic information or veteran status.

Please contact with any questions. 


Investing in our talent and building a great workplace is a top priority for us.

  • Empowered employees
  • Award-winning culture
  • Community commitment

Base salary range explanation:

The base salary range represents an average range for this position. Actual offers to be determined based on the candidate’s qualifications, skills, experience and education. See job details for salary range and bonus type.


BOK Financial offers industry-leading benefits addressing your complete physical, financial and emotional health. Click here to see our benefits.


BOK Financial is an award-winning $46 billion regional financial services company and one of the top 30 banks in the U.S, based in Tulsa, Oklahoma.

We seek to continually foster and support the principles and values of our company by promoting an environment that is inclusive of the diverse values, opinions, experience, culture and needs of our employees, clients and communities.


  • 5,100 employees
  • 28 years of financial profitability
  • $79+ billion assets under management and administration
  • $5.8 million in charitable contributions in 2019 and $86 million since the start of the BOKF Foundation in 1998

Nearest Major Market: Tulsa
Nearest Secondary Market: Oklahoma

Job Segment: Cyber Security, Information Security, Supply Chain Manager, Project Manager, Banking, Security, Technology, Operations, Finance

Apply now »