Enterprise Risk Officer II
Fully Remote Fresno, CA Risk & Compliance
Job Type
Full-time
Description

Who We Are

FFB, a dynamic and acclaimed single-branch bank born in the heart of Fresno, CA in 2005, is on a mission to redefine the banking experience. Our commitment to delivering top-notch banking services has propelled us to the forefront of the industry, earning us accolades and recognition. At FFB, we recognize the uniqueness of each individual who walks through our doors, and our dedicated team strives to craft personalized banking solutions that cater to their distinct needs.


What sets FFB apart is not just our Fresno roots but the diverse talents that make up our team, hailing from every corner of the country. We firmly believe that our people are our greatest strength, and we're constantly on the lookout for ambitious and passionate individuals who align with FFB's vision, regardless of their location.


If you're ready to be part of a winning team and contribute to our ongoing success story, we invite you to apply and join the FFB family!


Recent Achievements Speak Louder Than Words:

  • 2024 & 2025 - American Banker - #1 Top Performing Publicly Traded Bank with under $2b in assets  
  • 2023 - American Banker - "Top 5" Community Bank in the Country #4 
  • 2023 - OTCQX - Best 50 Companies #3 
  • 2023 - 5-star Rating Bauer Financial 

What You Should Expect While Working at FFB:

  • Company ownership through our Employee Stock Ownership Program (ESOP)
  • A friendly, close-knit work culture that encourages growth
  • Opportunities to Participate in Community Networking Events 
  • Benefits Package
      o Medical/Dental/Vision
      o Life Insurance
      o Paid Vacation
      o 401(k) Retirement Plan
      o Training & Development
      o Tuition Reimbursement
      o Employee Assistance Program
      o Internal Job Posting & Referral Program


Ideal Candidate: FFB prides itself on its core values of Teamwork, Relationship, Authenticity, and Commitment (TRAC). We expect that our team members will reflect these values in the workplace in various ways: 

  • Teamwork – We collaborate, hold each other accountable, and win together. 
  • Relationship – We are trustworthy, transparent, and respectful. 
  • Authentic – We are humble, vulnerable, and we speak up. 
  • Commitment – We are owners...Be hungry, responsive, and have a sense of urgency.

About the Position

The Enterprise Risk Officer II is a senior-level risk professional responsible for leading key components of the Bank’s Enterprise Risk Management framework, with specialized oversight of IT Risk and Information Security. This role exercises independent judgment, serves as a trusted advisor to management, and provides day-to-day ownership of select ERM programs. In addition, the officer performs part-time Information Security Officer duties within ERM under the guidance of the Director of Enterprise Risk Management and in collaboration with the Chief Operations Officer, focusing on governance, risk oversight, and regulatory alignment rather than daily IT operations. The role partners closely with business leaders, Compliance, Audit, IT, and Information Security stakeholders to identify, assess, mitigate, and report technology, cybersecurity, and enterprise risks, while mentoring ERM staff and supporting the ongoing evolution of ERM and Information Security governance frameworks.


Note: This role does not perform day-to-day IT operations and does not replace technical IT security staff. The ISO responsibilities are governance-, oversight-, and risk-focused.

Essential Duties:

  • Performs Information Security Officer (ISO) responsibilities as a governance and risk oversight function within ERM, in alignment with FFIEC, GLBA, and regulatory expectations.
  • Provides second-line oversight of the Bank’s Information Security Program, ensuring appropriate policies, standards, and controls are established and maintained.
  • Partners with the CTO and IT leadership to review cybersecurity risks, security incidents, vulnerability assessments, and remediation activities.
  • Supports periodic Information Security Risk Assessments, ensuring results are documented, reported, and incorporated into the enterprise risk profile.
  • Assists with preparation of Board- and committee-level Information Security reporting, including risk posture, trends, and material issues.
  • Supports regulatory examinations, audits, and inquiries related to Information Security, cybersecurity, and IT risk governance.
  • Ensures Information Security risks are appropriately integrated into ERM programs such as RCSA, Third-Party Risk Management, Incident Management, and DR/BCP.
  • Owns designated ERM functions, including IT Risk and Information Security risk oversight, as assigned by the Director of ERM.
  • Leads the design, execution, and continuous improvement of assigned ERM programs, ensuring technology and cybersecurity risks are appropriately incorporated.
  • Evaluates risk exposures and control effectiveness independently, recommending actions to management and escalating material risks as appropriate.
  • Acts as ERM’s designated representative for Information Security governance, supporting Board, management committees, audits, and regulatory interactions related to IT and cybersecurity risk.
  • Leads enterprise-wide and targeted risk assessments, including inherent risk identification, control evaluation, and residual risk determination.
  • Facilitates risk workshops, scenario analyses, and management discussions across business lines and support functions.
  • Ensures consistency and quality in risk assessment outputs across the organization.
  • Represents ERM in internal governance forums, management committees, and working groups.
  • Prepares and presents ERM materials for senior management and Board-level committees, as delegated.
  • Serves as a key ERM contact for internal audits, external audits, and regulatory examinations, coordinating responses and remediation tracking.
  • Monitors regulatory guidance and industry developments, translating requirements into actionable ERM enhancements.
  • Oversees the development of IT and Information Security risk metrics, KRIs, and dashboards, ensuring clear visibility into cybersecurity posture and emerging technology risks.
  • Provides forward-looking risk insights, trend analysis, and emerging risk identification to support strategic decision-making.
  • Supports risk appetite refinement and alignment with enterprise strategy.
  • Mentors ERM Analysts and Risk Officer I staff by providing technical guidance, reviewing work products, and supporting professional development.
  • Leads or co-leads ERM-related training sessions, tabletop exercises, and facilitated risk discussions.
  • Contributes to succession planning and knowledge transfer within the ERM function.
  • Supports the development and periodic review of ERM policies, standards, and governance documentation.
  • Identifies opportunities to enhance ERM efficiency, automation, and data quality, including effective use of GRC tools.
  • Champions a strong risk culture by promoting accountability, transparency, and proactive risk management practices.
  • Embodies the TRAC Values and Critical Behaviors (Teamwork, Relationship, Authenticity, Commitment) as core principles, using them to guide daily interactions and decision-making.
  • Completes administrative tasks with a sense of urgency, including required Bank Compliance Training. Responds to internal and external inquiries via email, phone, or messaging platforms in a timely and professional manner. Positively represents the Bank through ethical conduct and community involvement.
  • Demonstrates an understanding of and commitment to EEO policies. Fosters a respectful, inclusive workplace by valuing cultural differences, preventing harassment of any kind, and supporting a diverse workforce. 
  • Ensures adherence to all Bank policies, procedures, and processes, along with applicable state and federal laws, rules, and regulations, ensuring confidentiality and data privacy while carrying out AML/CFT (Anti-Money Laundering and Countering the Financing of Terrorism) responsibilities specific to the role.
  • Performs duties in an office or home office environment, involving tasks such as writing, typing, speaking, lifting moderate weights, and operating office equipment. The position requires physical activities like sitting, walking, and reaching. Reasonable accommodation can be made for individuals with disabilities to perform essential functions.
  • Travels up to 10%, including but not limited to attending company meetings, training sessions, and corporate events, with travel typically being regional or local based on business needs.
Requirements
  • To support team collaboration and time zone alignment, candidates must be based on the U.S. West Coast (such as California, Oregon, or Washington).
  • Bachelor’s degree from an accredited college or university in a relevant field (e.g., Business, Finance, or related) preferred. Advanced degree or relevant certifications strongly preferred for senior-level roles. 
  • Minimum 5–8 years of related Risk Analysis or Banking industry experience required.
  • Proficient analytical and problem-solving skills; capable of interpreting complex data and providing meaningful insights.
  • Experience, knowledge and training in financial statement and tax return analysis typically resulting from a combination of education in accounting, financial and/or credit analysis or related areas.
  • Experience with Governance, Risk, & Control (GRC) Tools preferred. Proficiency with Microsoft Office Suite (Excel, Word, Outlook) required.
  • Effective oral, written, and interpersonal communication skills with the ability to apply common sense to carry out instructions, interpret documents, understand procedures, write reports and correspondence, and speak clearly to customers, vendors and employees. 
  • Strong organizational and time management abilities with attention to detail.
  • Strong teamwork and relationship skills to lead collaborative efforts, foster alignment, and drive results across teams. 
  • Ability to take initiative and impact change within the Bank through consensus building and conflict resolution. 
  • Willingness to take on special projects and perform other duties as assigned, beyond core responsibilities, to support team and organizational needs.
  • Commitment to continuous learning and professional development to stay current with industry standards and best practices. 
  • Ability to maintain authenticity and integrity in all professional interactions, ensuring trust and credibility with stakeholders.
  • Capable of managing multiple priorities and meeting deadlines in a dynamic environment.
  • Ability to work independently with minimal supervision and as part of a team.
  • Proven ability to adapt to changing priorities and procedures.
  • Current driver’s license and a vehicle with appropriate insurance coverage if required to drive while performing assigned duties and responsibilities.
Salary Description
$100,000 - $140,000 Annual Salary