CISM - Certified Information Security Manager
We are seeking an Information Security Risk Manager for the Information Security Risk Management Department.
The Information Security Manager is responsible for designing, developing, and directing information security-related programs and activities to ensure excellence in compliance, protection and privacy of member information. It requires the Information Security Risk Manager to identify industry standards/guidelines and then develop and implement various policies and procedures to minimize the risk of compromise sensitive business systems. The job incumbent will continually analyze existing risk mitigation policies and security controls and communicate with management on the efficacy of these measures, suggesting ways and means for improving them. The Information Security Risk Manager will work with all employees in the Credit Union to train and create awareness in information security measures and policies outlined by the organization.
If you have ability to provide good judgment and decision making in overcoming obstacles along with strong analytical and organizational skills, you should apply right away!
Administer and monitor the Information Security Policy and objectives as approved by the Board of Directors, including strategies to monitor and address current and emerging risks
Oversee the design and execution of vulnerability assessments, penetration tests, and security audits
Ensure all Credit Human systems incorporate security best practices in design and function, including cloud and hybrid technologies
Ensure all data types are properly classed, secured and monitored according to established designs and principles
Maintain knowledge of information security tools, techniques and technologies
5+ years of experience in the field of Information Security / Cybersecurity
2-3 years of experience in Information Technology
Experience performing risk and impact assessments, along with program management
Experience developing, administering, monitoring, and testing information security programs, policies, procedures and controls
Ability to create executive-level presentations
Recent experience in financial services industry
2+ years in an audit or risk management role
Vendor management experience
Project management experience
Experience managing CapEx and OpEx budgets
Bachelor’s degree in Computer Science, Cybersecurity, Engineering, Business, Risk Management, or other related field of study
Licenses & Certifications:
CISSP, CISM, or Security+
Skills & Knowledge:
Extensive knowledge of information security and risk management
Knowledge of auditing standards and techniques
Detailed knowledge of security software and tools
Ability to develop policies and procedures which ensure information security integrity
Ability to effectively communicate information security knowledge and expertise to other professionals, regulators and credit union staff
Knowledge of forecasting and managing departmental budgets
Strong written, verbal and interpersonal communication skills
Strong analytical and organizational skills with attention to detail
Ability to prioritize and manage a variety of projects, initiatives and activities
Results oriented with a strong focus on the customer (both internal & external)
Flexibility and willingness to step in where needed to assure the success of projects and other initiatives within the organization
Ability to tailor communication style to different audiences and to exercise good judgment in frequency and nature of communications to different parties.
Ability to rapidly resolve issues and recognize when escalation is necessary
Effective time management and prioritization skills
Strong vendor management, negotiation and resolution skills
Solid technical knowledge in application architecture and design, development environments, database design and normalization, security, networking and infrastructure in general
Travel Requirements: Minimal travel
Level of Work: 3B
Credit Human provides employees with many benefits from insurance coverage to college tuition reimbursement.
Credit Human conducts employment background checks that may be used for decisions related to employment with Credit Human. Standard background checks performed on final candidates include NCUA Administrative and Prohibited Orders, ChexSystems, past employment verification, criminal history check on convictions and outstanding arrest warrants within the past seven years. Degree verifications are conducted if listed on the employment application. Additional background checks relevant to the role may include a motor vehicle registration check, credit check, and/or fingerprint card. Applicants must be currently authorized to work in the United States on a full-time basis.
About Credit Human
The Information Security Manager is accountable for the implementation, maintenance, oversight, and administration of the Information Security Policy for the Credit Human enterprise. The job incumbent will work with all employees in the Credit Union to train and create awareness in information security measures and policies outlined by the organization.