Centra Credit Union
Overview
Centra has an exciting opportunity for a Vice President (VP) Information Security Officer in Columbus, Indiana. This position is responsible for the strategic planning, execution, and oversight of the Credit Union’s information security and cyber risk program. Responsible for building and sustaining a comprehensive information security program that supports the Credit Union’s strategic goals, aligns with regulatory requirements, and is within the Credit Union’s risk tolerance. Key responsibilities include assessing cyber risk, overseeing threat intelligence programs, incident response processes, and promoting a culture of cybersecurity awareness across the Credit Union. This position has the critical responsibility of safeguarding sensitive information and ensuring the integrity, security, and resilience of the Credit Union’s information systems and digital assets.
Spanish/English interpreters may be eligible for an interpreting differential.
Essential Functions
Leads the development, implementation, and maintenance of the organization’s information security program, ensuring adherence to federal and state regulations (NIST, PCI, GLBA, FFIEC).
Defines, leads and sustains a forward-looking information security strategy that aligns with the Credit Union’s vision and business strategy. Establish security roadmaps, budget requirements, and risk management protocols that reflect emerging threats and ensure industry best practices. Administers and manages information security policies and procedures including regular, routine audits and assessments.
Utilizes vendors for audits, engagements and monitoring, penetration and vulnerability testing needs. Oversee third-party providers to ensure the implementation of appropriate security measures. Review and evaluate partner connections, independent audit reports, vulnerability assessments, and security programs to ensure compliance with internal standards.
Assesses information security risks and implements programs to manage and mitigate these risks proactively. Conducts risk assessments, communicates trends in information security risks to senior management, and provides actionable insights to mitigate risks and improve the organization's information security posture. Serves as subject matter expert and advisor for risk prioritization, mitigation strategies, and resource allocation for cybersecurity initiatives. Communicates risks and information security initiatives in a business-centric, non-technical manner.
Promotes information security risk and threat awareness across the credit union through training programs and frequent communication to build an information security-conscious culture and collaborates to ensure lines of businesses, projects, and products to create secure business practices.
Leads incident response planning, including team coordination, investigation methodologies, testing, and timely reporting for internal and external stakeholders. Leads and collaborates with Incident Response Team during a rapidly evolving incident where crisis management is required. Responsible for investigation of information security incidents, identifying root cause, triage containment, remediation, recovery and prevention of recurrence.
Provides subject matter expertise and direction to IT department for overseeing deployment and management of information security technologies, such as by working with information security vendors or software. Ensures that information security operations are optimized for effective threat detection, monitoring, and response.
Monitors, researches, and seeks knowledge of IT advancements, information security trends, emerging technologies, and regulatory changes that can impact Centra, Team Members, and Members. Leads initiatives that leverage new technology and improved practices to enhance the credit union’s information security posture, aligning with Centra’s risk appetite and is evergreen to evolving information security needs and practices.
Collaborates with VP Network Infrastructure to ensure strategic information security plans and programs are implemented and working effectively with the enterprise-wide network and systems and determines vulnerabilities. Collaborates with IT, Risk Management, and Compliance to integrate information security into business processes, addressing common security challenges.
Administers and continuously improves business continuity and disaster recovery plans to ensure organizational resilience.
Liaisons with BSA Officer to ensure compliance with BSA requirements.
Demonstrates leadership and impact while continuously demonstrating and cultivating Centra’s Vision, Mission, Culture, and Core Values.
Education & Experience
Bachelor’s Degree in Computer Science, Information Security or a related field.
Five to 8 years of similar or related experience, including preparatory expertise.
Centra is an Equal Opportunity Employer.
#J-18808-Ljbffr
Spanish/English interpreters may be eligible for an interpreting differential.
Essential Functions
Leads the development, implementation, and maintenance of the organization’s information security program, ensuring adherence to federal and state regulations (NIST, PCI, GLBA, FFIEC).
Defines, leads and sustains a forward-looking information security strategy that aligns with the Credit Union’s vision and business strategy. Establish security roadmaps, budget requirements, and risk management protocols that reflect emerging threats and ensure industry best practices. Administers and manages information security policies and procedures including regular, routine audits and assessments.
Utilizes vendors for audits, engagements and monitoring, penetration and vulnerability testing needs. Oversee third-party providers to ensure the implementation of appropriate security measures. Review and evaluate partner connections, independent audit reports, vulnerability assessments, and security programs to ensure compliance with internal standards.
Assesses information security risks and implements programs to manage and mitigate these risks proactively. Conducts risk assessments, communicates trends in information security risks to senior management, and provides actionable insights to mitigate risks and improve the organization's information security posture. Serves as subject matter expert and advisor for risk prioritization, mitigation strategies, and resource allocation for cybersecurity initiatives. Communicates risks and information security initiatives in a business-centric, non-technical manner.
Promotes information security risk and threat awareness across the credit union through training programs and frequent communication to build an information security-conscious culture and collaborates to ensure lines of businesses, projects, and products to create secure business practices.
Leads incident response planning, including team coordination, investigation methodologies, testing, and timely reporting for internal and external stakeholders. Leads and collaborates with Incident Response Team during a rapidly evolving incident where crisis management is required. Responsible for investigation of information security incidents, identifying root cause, triage containment, remediation, recovery and prevention of recurrence.
Provides subject matter expertise and direction to IT department for overseeing deployment and management of information security technologies, such as by working with information security vendors or software. Ensures that information security operations are optimized for effective threat detection, monitoring, and response.
Monitors, researches, and seeks knowledge of IT advancements, information security trends, emerging technologies, and regulatory changes that can impact Centra, Team Members, and Members. Leads initiatives that leverage new technology and improved practices to enhance the credit union’s information security posture, aligning with Centra’s risk appetite and is evergreen to evolving information security needs and practices.
Collaborates with VP Network Infrastructure to ensure strategic information security plans and programs are implemented and working effectively with the enterprise-wide network and systems and determines vulnerabilities. Collaborates with IT, Risk Management, and Compliance to integrate information security into business processes, addressing common security challenges.
Administers and continuously improves business continuity and disaster recovery plans to ensure organizational resilience.
Liaisons with BSA Officer to ensure compliance with BSA requirements.
Demonstrates leadership and impact while continuously demonstrating and cultivating Centra’s Vision, Mission, Culture, and Core Values.
Education & Experience
Bachelor’s Degree in Computer Science, Information Security or a related field.
Five to 8 years of similar or related experience, including preparatory expertise.
Centra is an Equal Opportunity Employer.
#J-18808-Ljbffr