Jobs via Dice

Director Cyber and Information Security

Jobs via Dice, Winston Salem, North Carolina, United States, 27104

Truliant's mission is to improve lives by putting our members first, providing great service and straightforward financial solutions. Our core values of Member Focus, Service, Guidance, Relationships, and Community define how we interact with members to fulfill our mission of improving lives and providing a foundation on which we conduct ourselves.

Our Promise to Our Teammates: Truliant strives to provide all teammates with an enjoyable place to work where they feel valued, empowered and rewarded for all that they do.

Purpose of the Job

The Director of Cyber and Information Security is responsible for developing, implementing, and overseeing comprehensive cybersecurity strategies, policies, and procedures to mitigate risks and protect against cyber threats. The leader plays a pivotal role in safeguarding our organization's digital assets and ensuring the integrity, confidentiality, and availability of sensitive information. The Director leads IT Security and IT Security Incident Response for the Credit Union and possesses a deep technical understanding of information security engineering.

This role collaborates with business stakeholders to define solution strategies and implement effective security controls that minimize risk while maintaining user productivity, fostering a culture of security awareness and resilience. The Director collaborates with senior leaders and line-of-business managers to determine acceptable residual IT risk, lead a best-in-class IT risk management team, and manage third‑party security contracts.

Essential Functions And Responsibilities

Develop and oversee the implementation of a comprehensive security architecture that aligns with organizational goals and industry best practices.

Ensure security measures are integrated into all technology deployments, including cloud services, on‑premises infrastructure, and third‑party applications.

Conduct regular security assessments and audits to identify weaknesses and recommend improvements.

Stay abreast of emerging technologies (e.g., AI, IoT) and evaluate their security implications.

Work closely with IT, application development, and network teams to ensure a unified security approach across all platforms.

Collaborate with executive leadership and key stakeholders to advocate for security initiatives and secure resources.

Define and monitor key performance indicators (KPIs) to measure the effectiveness of security programs and initiatives.

Foster continuous improvement by reviewing and updating security programs based on industry trends, emerging threats, and organizational changes.

Implement and manage access control measures to safeguard data, ensuring that only authorized personnel can access sensitive information.

Oversee compliance with data‑related regulations (NCUA, FFIEC, GLBA, PCI, etc.) and ensure legal and ethical standards are met.

Deploy and manage security information and event management (SIEM) systems and other monitoring tools.

Ensure real‑time detection and alerting of potential security incidents, conducting regular reviews of logs and alerts.

Establish and maintain an incident response plan, including protocols for containment, eradication, recovery, and lessons learned.

Lead the incident response team during security breaches, ensuring timely and effective incident response.

Conduct post‑incident reviews to analyze incidents, document findings, and implement improvements.

Regularly assess the organization’s systems and networks for vulnerabilities and recommend remediation actions.

Conduct risk assessments to evaluate the potential impact of identified threats on business operations.

Maintain detailed documentation of security policies, procedures, and incidents for accountability and compliance.

Develop and implement organization‑wide security awareness training programs for all employees.

Other Duties And Responsibilities

Departmental financial management, budgeting, and reporting.

Team development, management, and performance.

Assists with other tasks and projects as assigned.

Knowledge, Skills, And Abilities

Advanced problem‑solving and analytical skills, with the ability to assess complex security issues and develop innovative solutions.

Excellent leadership and communication skills across all levels of staff, including executives, auditors, finance, legal, IT staff, and third parties.

In‑depth knowledge of cybersecurity principles, technologies, and methodologies, and a strong understanding of regulatory requirements such as GLBA, SOX, and PCI DSS.

Deep understanding of cybersecurity frameworks (NIST, ISO, etc.).

Knowledge of regulatory agencies’ policies, procedures, and laws governing data security for financial institutions.

Strong decision‑making ability, independence, and team guidance capacity.

Strategic thinking, analytical skills, and strong leadership abilities.

Deep technical understanding of information security engineering and infrastructure operations.

Physical Requirements

Occasional standing, walking, bending, and stooping required.

Must be able to sit at a desk for long periods of time and use a computer.

Must be able to moderately lift or move up to 5 pounds and occasionally lift or move up to 10 pounds.

Education and Background

Bachelor's degree in computer science, cybersecurity, or a related field, or equivalent work‑related experience; Master’s degree preferred.

Professional security management certification (e.g., CISSP, CISM, CCSP).

Minimum of 10 years of experience in information security or a related field.

Minimum of 5 years in a leadership role managing security teams and initiatives.

Proven experience developing security strategies, risk management, and compliance.

Minimum of 10 years of demonstrated success in leadership roles in compliance, risk management, information security, IT, and OT security.

Minimum of 5 years supervising large‑scale complex projects and programs that meet excellence objectives.

Minimum of 5 years of experience in extensive contract negotiations and management of third‑party IT services.

Minimum of 15 years of management experience in a technical capacity, interfacing with senior leadership, IT leaders, and external constituents.

Experience in cross‑functional collaboration and budget management.

Benefits

No‑cost employee medical, dental, and vision coverage.

Prescription benefits (including mail order).

Paid holidays and paid time off (PTO).

401(k) plan with contribution matching.

Paid community involvement volunteer hours.

Paid group life insurance.

Teammate loan discounts.

Tuition reimbursement.

Short and long‑term disability coverage.

Health & wellness program.

Teledoc (physician video conferencing).

Onsite fitness facilities or health club reimbursement.

Employee assistance program (EAP).

Medical flexible spending account.

Dependent care flexible spending account.
