Apply on Employer Site

Centra Credit Union · 2 months ago

VP Information Security Officer

Columbus, Indiana, United States

Full-time

Onsite

Mid, Senior Level

5+ years exp

Centra Credit Union is ranked among the top five largest credit unions in Indiana and is seeking a Vice President (VP) Information Security Officer. This role is responsible for the strategic planning, execution, and oversight of the Credit Union’s information security and cyber risk program, ensuring the integrity and security of sensitive information.

BankingFinanceFinancial Services

Culture & Values

Responsibilities

Leads the development, implementation, and maintenance of the organization’s information security program, ensuring adherence to federal and state regulations (NIST, PCI, GLBA, FFIEC)

Defines, leads and sustains a forward-looking information security strategy that aligns with the Credit Union’s vision and business strategy. Establish security roadmaps, budget requirements, and risk management protocols that reflect emerging threats and ensure industry best practices. Administers and manages information security policies and procedures including regular, routine audits and assessments

Utilizes vendors for audits, engagements and monitoring, penetration and vulnerability testing needs. Oversee third-party providers to ensure the implementation of appropriate security measures. Review and evaluate partner connections, independent audit reports, vulnerability assessments, and security programs to ensure compliance with internal standards

Assesses information security risks and implements programs to manage and mitigate these risks proactively. Conducts risk assessments, communicates trends in information security risks to senior management, and provides actionable insights to mitigate risks and improve the organization's information security posture. Serves as subject matter expert and advisor for risk prioritization, mitigation strategies, and resource allocation for cybersecurity initiatives. Communicates risks and information security initiatives in a business-centric, non-technical manner

Promotes information security risk and threat awareness across the credit union through training programs and frequent communication to build an information security-conscious culture and collaborates to ensure lines of businesses, projects, and products to create secure business practices

Leads incident response planning, including team coordination, investigation methodologies, testing, and timely reporting for internal and external stakeholders. Leads and collaborates with Incident Response Team during a rapidly evolving incident where crisis management is required. Responsible for investigation of information security incidents, identifying root cause, triage containment, remediation, recovery and prevention of recurrence

Provides subject matter expertise and direction to IT department for overseeing deployment and management of information security technologies, such as by working with information security vendors or software. Ensures that information security operations are optimized for effective threat detection, monitoring, and response

Monitors, researches, and seeks knowledge of IT advancements, information security trends, emerging technologies, and regulatory changes that can impact Centra, Team Members, and Members. Leads initiatives that leverage new technology and improved practices to enhance the credit union’s information security posture, aligning with Centra’s risk appetite and is evergreen to evolving information security needs and practices

Collaborates with VP Network Infrastructure to ensure strategic information security plans and programs are implemented and working effectively with the enterprise-wide network and systems and determines vulnerabilities. Collaborates with IT, Risk Management, and Compliance to integrate information security into business processes, addressing common security challenges

Administers and continuously improves business continuity and disaster recovery plans to ensure organizational resilience

Liaisons with BSA Officer to ensure compliance with BSA requirements

Demonstrates leadership and impact while continuously demonstrating and cultivating Centra’s Vision, Mission, Culture, and Core Values

Qualification

Information Security ProgramCyber Risk ManagementIncident Response PlanningRisk AssessmentNIST CompliancePCI ComplianceGLBA ComplianceFFIEC ComplianceTraining DevelopmentLeadershipCommunication SkillsTeam Collaboration