STEM OPT Information Security Officer Jobs
Information Security Officer roles qualify for STEM OPT because they sit squarely within computer science, engineering, and related CIP-coded degree fields. Your 24-month STEM OPT extension gives you up to 36 months total to work for any employer enrolled in E-Verify, the federal requirement for all STEM OPT positions.
Find STEM OPT Information Security Officer JobsOverview
Showing 5 of 7+ Information Security Officer jobs
Have you applied for this role?
Have you applied for this role?
Have you applied for this role?
Have you applied for this role?
Have you applied for this role?
See all Information Security Officer Jobs
Sign up for free to unlock all listings, filter by visa type, and get alerts for new Information Security Officer roles.
Get Access To All JobsINTRODUCTION
Established in 1912, Bank of China is one of the largest banks in the world, with over $3 trillion in assets and a footprint that spans more than 60 countries and regions. Our long-term outlook, institutional weight and global breadth provide our clients with a stable and reliable financial partner, whether in Corporate or Personal Banking or our Trade Services, Commodities, Financial Institutions and Global Markets lines of business.
ROLE AND RESPONSIBILITIES
This incumbent will provide Security Operation Center services as required to fulfill the Bank's information security program requirements. This incumbent will provide real-time response and analysis to security threats across enterprise systems. In addition, this incumbent will provide support to Security Services & Cyber Defense, Governance, Compliance and Risk Management functions. This position will also manage the SOC associates and lead the team to meet expectations. This position’s schedule will rotate on a planned 8-hour shifts basis, covering 24 hours/day, 7 days/week, including overnight, weekend, and holiday.
Responsibilities
Security Operation Center:
- Execute incident response protocols for responding to and escalating incidents timely.
- Conduct initial incident response including containment, documentation, and communication.
- Conduct post-incident reporting and analysis.
- Maintain detailed and accurate records of security events and actions taken.
- Analyze security alerts and assess potential threats.
- Stay updated on current threat landscape and emerging attack techniques.
Team Management:
- Supervise a team of SOC Associates during assigned shifts, ensuring task coverage and operational readiness.
- Enforce adherence to SOC Policies, Standards and Procedures and escalate deviations or issues as needed.
- Participate in the review and improvement of incident response Policies, Standards and Procedures.
Security Services & Cyber Defense, Governance, Compliance and Risk Assessment:
- Execute Security Policies and Standards.
- Manage assigned security monitoring tools.
- Conduct vulnerability scans, patch management, Identity & Access Management, Penetration Testing, Data Privacy, Phishing and Training, Audit affairs and Risk Assessment as needed.
BASIC QUALIFICATIONS
- Bachelor’s degree in Business, Computer Science, Management Information Systems, Engineering, Mathematics, or related field is required.
- Minimum 4 years of full time work experience.
- Minimum 3 years of work experience in Information security, cybersecurity, vulnerability management, security architecture, network, security tools and computer systems administration.
- Minimum 3 years of experience in risk management.
- Good understanding of regulatory requirements including FFIEC, GLBA, NIST.
- Knowledge of Information security and cyber security best practices.
- Knowledge of systems administration such as Windows Server, Active Directory management, Firewall, UNIX system, network architectures, etc.
- Knowledge of security tools such as SIEM, DLP, XDR, EDR, Web Filter etc.
- Good understanding of protocol behaviors, validity of identified vulnerabilities.
PREFERRED QUALIFICATIONS
- CISSP/CRISC/ or IT related certifications preferred.
COMPENSATION
Actual salary is commensurate with candidate’s relevant years of experience, skillset, education and other qualifications.
USD $65,000.00 - USD $150,000.00 /Yr.
INTRODUCTION
Established in 1912, Bank of China is one of the largest banks in the world, with over $3 trillion in assets and a footprint that spans more than 60 countries and regions. Our long-term outlook, institutional weight and global breadth provide our clients with a stable and reliable financial partner, whether in Corporate or Personal Banking or our Trade Services, Commodities, Financial Institutions and Global Markets lines of business.
ROLE AND RESPONSIBILITIES
This incumbent will provide Security Operation Center services as required to fulfill the Bank's information security program requirements. This incumbent will provide real-time response and analysis to security threats across enterprise systems. In addition, this incumbent will provide support to Security Services & Cyber Defense, Governance, Compliance and Risk Management functions. This position will also manage the SOC associates and lead the team to meet expectations. This position’s schedule will rotate on a planned 8-hour shifts basis, covering 24 hours/day, 7 days/week, including overnight, weekend, and holiday.
Responsibilities
Security Operation Center:
- Execute incident response protocols for responding to and escalating incidents timely.
- Conduct initial incident response including containment, documentation, and communication.
- Conduct post-incident reporting and analysis.
- Maintain detailed and accurate records of security events and actions taken.
- Analyze security alerts and assess potential threats.
- Stay updated on current threat landscape and emerging attack techniques.
Team Management:
- Supervise a team of SOC Associates during assigned shifts, ensuring task coverage and operational readiness.
- Enforce adherence to SOC Policies, Standards and Procedures and escalate deviations or issues as needed.
- Participate in the review and improvement of incident response Policies, Standards and Procedures.
Security Services & Cyber Defense, Governance, Compliance and Risk Assessment:
- Execute Security Policies and Standards.
- Manage assigned security monitoring tools.
- Conduct vulnerability scans, patch management, Identity & Access Management, Penetration Testing, Data Privacy, Phishing and Training, Audit affairs and Risk Assessment as needed.
BASIC QUALIFICATIONS
- Bachelor’s degree in Business, Computer Science, Management Information Systems, Engineering, Mathematics, or related field is required.
- Minimum 4 years of full time work experience.
- Minimum 3 years of work experience in Information security, cybersecurity, vulnerability management, security architecture, network, security tools and computer systems administration.
- Minimum 3 years of experience in risk management.
- Good understanding of regulatory requirements including FFIEC, GLBA, NIST.
- Knowledge of Information security and cyber security best practices.
- Knowledge of systems administration such as Windows Server, Active Directory management, Firewall, UNIX system, network architectures, etc.
- Knowledge of security tools such as SIEM, DLP, XDR, EDR, Web Filter etc.
- Good understanding of protocol behaviors, validity of identified vulnerabilities.
PREFERRED QUALIFICATIONS
- CISSP/CRISC/ or IT related certifications preferred.
COMPENSATION
Actual salary is commensurate with candidate’s relevant years of experience, skillset, education and other qualifications.
USD $65,000.00 - USD $150,000.00 /Yr.
Tips for Finding STEM OPT Authorization in Information Security Officer
Verify your degree's CIP code eligibility
Check your degree's Classification of Instructional Programs code against the official STEM Designated Degree Program List that USCIS maintains. Computer science, cybersecurity, and information assurance degrees typically qualify, but general business IT degrees sometimes don't.
Confirm E-Verify enrollment before applying
Every employer hiring you on STEM OPT must be enrolled in E-Verify before your training plan is submitted. Search the E-Verify employer search tool to confirm enrollment status before investing time in an application or interview process.
Target firms with active security clearance programs
Defense contractors, federal IT consultancies, and financial institutions routinely sponsor STEM OPT holders for Information Security Officer roles because cleared positions have dedicated hiring pipelines. These employers already understand multi-step authorization processes and file I-983 training plans regularly.
Structure your I-983 around measurable security outcomes
Your DSO and employer co-sign the I-983 training plan, which must list specific learning objectives tied to your STEM degree. Frame goals around incident response metrics, vulnerability assessment cycles, or compliance frameworks rather than vague on-the-job learning.
Search Migrate Mate to filter for E-Verify employers
Use Migrate Mate to find Information Security Officer roles at employers already verified for STEM OPT hiring. The platform surfaces DOL Labor Condition Application data so you can identify which companies have active sponsorship history before you apply.
File your STEM OPT extension 90 days before OPT expires
USCIS requires your STEM OPT extension application to be submitted no earlier than 90 days before your initial OPT end date. Missing this window forces a gap in work authorization, so coordinate with your DSO and confirm your employer's I-983 signature well in advance.
Frequently Asked Questions
Does an Information Security Officer role qualify for the STEM OPT extension?
Yes, provided your underlying degree is in a qualifying STEM field such as computer science, cybersecurity, information assurance, or a related CIP-coded program on the USCIS STEM Designated Degree Program List. The role itself must also be directly related to that degree. Your DSO will verify the connection between your degree and the position when approving your I-983 training plan.
What does my employer need to do to hire me on STEM OPT as an Information Security Officer?
Your employer must be enrolled in E-Verify before your STEM OPT extension begins. They also need to co-sign your I-983 training plan, which outlines learning goals tied to your STEM degree, your supervision structure, and how the role advances your training. The employer must report any material changes to your DSO within five business days of those changes occurring.
How does the I-983 training plan apply specifically to an Information Security Officer position?
The I-983 must document how your Information Security Officer duties directly relate to your STEM degree. Effective plans for this role include objectives such as conducting vulnerability assessments, implementing security frameworks like NIST or ISO 27001, or managing incident response protocols. Generic job descriptions don't satisfy USCIS requirements, so your plan needs measurable, degree-specific learning goals that your supervisor can evaluate.
What happens to my STEM OPT authorization if my employer loses E-Verify enrollment?
If your employer's E-Verify enrollment lapses or is terminated, you're no longer authorized to work for them under STEM OPT, even if your EAD is still valid. You must either find a new E-Verify-enrolled employer or stop working immediately. USCIS treats continued employment without a compliant employer as a status violation, so monitor your employer's E-Verify status throughout your extension period.
Where can I find Information Security Officer jobs at employers set up for STEM OPT hiring?
Migrate Mate lists Information Security Officer roles at employers with documented sponsorship history, using DOL Labor Condition Application data to show which companies actively hire international students. Filtering for E-Verify-enrolled employers saves time and helps you focus applications on organizations already familiar with the I-983 training plan process and STEM OPT compliance requirements.