VP, Information Security & Risk Governance Job at Local Government Federal Credit Union, Raleigh, NC

cWxId3RsZlhZaWppam03SDUzVVJEalBx
  • Local Government Federal Credit Union
  • Raleigh, NC

Job Description

CIVIC CULTURE

Our organizations believe we can all do well by doing good. We value the contributions of diverse minds and prioritize the success and well-being of our employees. We also believe every person in our organization plays a role in supporting a healthy environment and helping to achieve our goal of prosperity for all. To this end, we recruit bright, energetic, and talented people to be members of our team. In return, we offer a dynamic workplace that presents opportunities for professional advancement and individual growth. We strive to always display integrity, self-awareness, courage, and respect for one another while continuing to seek opportunities to learn. We really believe that when our employees succeed, our community wins.

ABOUT THE POSITION

The VP, Information Security and Risk Governance will build, implement, and execute the Credit Union's Information Security Program. This role will be responsible for identifying, evaluating, and monitoring the overall security risk profile across the organization by assessing the effectiveness of information security controls and processes. This person will be defining and aligning information security governance and risk strategies for the Information Security Committee and ensuring exposures to cyber risks are identified and managed at an acceptable level. The VP, Information Security and Risk Governance will serve as the Information Security Officer for the organization, driving it to achieve its cyber security objectives through the proactive evaluation and enhancement of the organization's Information Security Program, activities and controls that prevent or mitigate the impact of compliance risk.

NORMAL DAY-TO-DAY WORK

  1. Collaborate with Legal, Risk, Compliance and key business leaders to identify information management and protection laws and regulations; implement actions to ensure compliance.
  2. Identify information security regulatory, legislative, and industry specific compliance requirements.
  3. Establish annual and long-term goals for the proper maintenance and security of information across the organization, defining risk and governance strategies, metrics, and reporting mechanisms.
  4. Develop strategies and action plans to drive security maturity improvement in areas where controls do not adequately mitigate risks.
  5. Develop executive and board-level communications as it relates to the organization's cybersecurity posture.
  6. Develop, document, and assess measures, metrics, and internal controls related to the maturity of the organization's information security program.
  7. Lead the development and implementation of effective and reasonable policies and practices to secure sensitive data and ensure security and compliance with contracts, regulatory requirements, and industry standards.
  8. Develop and manage the organization's cybersecurity risk management strategy, framework and approach.
  9. Integrate cyber security risk reporting and aggregate reporting into the organization's overall enterprise risk framework.
  10. Develop and maintain a Security Risk Management Framework (SRMF) per industry standards and applicability (e.g. NIST CSF), to include but not limited to, performing an annual Security Risk Assessment.
  11. Recommend programs to enhance the overall maturity of the organization's Information Security Program and tracking of its progress.
  12. Evaluate existing information security risk monitoring metrics and tools, develop metrics and insights where appropriate, and seek to enhance the maturity of information security analytics.
  13. Monitor compliance controls and catalog risk assessments utilized by the organization as it pertains to security risk, and then evaluate those assessments for best practices and gaps.
  14. Display integrity, self-awareness, courage, and respect for staff while ensuring learning agility and flexibility communicating and delegating effectively. Work effectively, collaboratively, and creatively in a team-oriented environment both internally and externally.
  15. Take ownership for actions, decisions, and results; openly accept feedback and demonstrate both the willingness and ability to improve.

JOB QUALIFICATIONS

Here are a few skills you MUST have to be qualified for this position.

  1. Minimum 10-12 years of progressive IT, networking, server administration, auditing, investigations, strategic risk management, and/or business/management consulting.
  2. Minimum 4-6 years of experience managing cross-functional, multi-business unit projects reflective of management or leadership role.
  3. Bachelor's degree in Information Security, Information Systems, Information Technology or Computer Science.
  4. Experience building and/or growing an IT Security practice with direct hands-on technology skillsets.
  5. Ability to function in a Consumer business office environment and utilize standard office equipment including but not limited to: PC, copier, telephone, etc.
  6. Ability to lift a minimum of 25 lbs. (file boxes, computer).
  7. Travel required on occasion.

Here are a few qualities we'd LIKE for you to have to make you more suited for this position.

  1. Certified Information Systems Security Professional (CISSP) or equivalent certification.

If you have questions about this position description, please feel welcome to ask. You can reach our HR Department at:

Civic Human Resources

3600 Wake Forest Road, Raleigh, NC 27609

careers@civicfcu.org

PI4e0746dd8736-30492-35880327

Job Tags

Similar Jobs

Kettering Health Network

Medical Lab Scientist (MLS/MT/MLT) - Core Lab - Huber Heights- FT/2nd shift Job at Kettering Health Network

Kettering Health is a not-for-profit system of 13 medical centers and more than 120 outpatient facilities serving southwest Ohio. We are committed to transforming the health care experience with high-quality care for every stage of life. Our service-oriented mission...

Sanford Health

RN - Sheldon Medical Center - Part Time Job at Sanford Health

 ...patients and co-workers like family. You'll work with people who value your advancement...  ...-Great team work environment -Flexible with scheduling -Ability to build...  ...generous time off package to maintain a healthy home-work balance. For more information about... 

Glen Ellyn Park District

Park Maintenance & Forestry Assistant Job at Glen Ellyn Park District

 ...JOB SUMMARY: Under the supervision and direction of the Superintendent of Parks and the Park Forester, the Park Maintenance & Forestry Assistant is responsible for performing a variety of park maintenance duties depending on the time of year. Duties may include, general... 

LaSalle Network

Senior Director, Talent Acquisition Job at LaSalle Network

 ...healthcare technology organization that provides revenue cycle management solutions. Our client is in search of a Senior Director, Talent Acquisition. Reporting to the SVP of Talent Management & Inclusion, this individual will act as a strategic partner for leaders... 

EPITEC

Mechanical Engineer Job at EPITEC

 ...Epitec POSITION: Mechanical Engineer 4 JOB TYPE: W2, on-site, Full-time ongoing contract M-F (Core hours 8:00am-3:00pm MST...  ...thermal design utilizing software and or Excel. Converting Internally Developed Excel tools to WEB-Format Using EASA....