• Participate in building a comprehensive compliance program, ensuring Airbnb meets requirements for compliance frameworks such as PCI. • Address security posture-related questionnaires to support ongoing compliance initiatives. • Collaborate with external and internal auditors to assist with the Test of Design and Test of Effectiveness processes. • Collaborate with stakeholders to understand operational needs and deliver realistic, risk-based recommendations for remediation. • Monitor remediation activities and build metrics and reports on testing/remediation results

• Establish and lead Bank’s information security and cybersecurity programs • Design and implement an enterprise-wide security framework • Develop information security governance, technical controls, and third-party risk oversight • Collaborate closely with technology, risk, and operations teams to integrate security into operations • Lead the development and testing of Business Continuity and Disaster Recovery (BC/DR) plans • Serve as the Bank’s senior advocate for cybersecurity and data protection

• Effective business acumen and an understanding of the cyber security challenges faced by client, with the ability to interact with senior stakeholders across departments • Experience of identifying and applying security risk and familiarity with common control frameworks • Managing, delivering and leading cyber security and cyber risk assignments, including producing documentation, reports, recommendations and quality assuring the work produced by team members. • Working as a subject matter expert in your particular field to support a team and managing a larger team in delivering engagements at scale, with the appropriate reach and influence a across the teams and communities. • Maintaining awareness of key business and industry trends and understanding how they impact responses to cyber risk. • Ability to research, articulate and pitch complex and innovative architecture and security advice, at both business and technical levels, for new or existing problems and be able to justify and communicate design decisions directly to key customer stakeholders including senior management • Working in a particular field as subject matter expert, to support a team in delivering engagements at scale, which may require subtle security needs • Develop vision, principles and strategy for security architects for one project or technology • Providing our clients with trusted advice, rooted in a pragmatic and agnostic understanding of their business situation and objectives, to help them navigate complex, risk-driven Cyber decisions. • Able to understand and comprehend the impact of decisions, balancing requirements and deciding between approaches • Investigating major breaches of security and recommending appropriate control improvements. • Contributing to development of information security policy, standards, procedures and guidelines. • Be the point of escalation for architects in lower grade roles, with the ability to lead the technical design of systems and services

• Develop and maintain robust corporate security architecture • Creating and maintaining information security policies and procedures • Selecting and implementing new information security technologies • Creating information security training programs • Collaborate with software development teams to ensure the latest security issues are proactively addressed • Responsible for network design and security processes • Highest tier of escalation if particularly difficult information security issues emerge. • Directs and oversees project engineering staff • Creates and manages security documentation. • Improve processes for assessing and managing security risks • Collaborates with business leaders to ensure the effective and efficient operation of the IT Security processes • Ensures timely completion of project tasks under their purview