4033 Director Information Security

  • Full-Time
  • Biloxi, MS
  • Keesler Federal Credit Union
  • Posted 3 years ago – Accepting applications
Job Description

Keesler Federal Credit Union team members enjoy competitive salaries and a wide range of benefits, some of which include:

  • Medical, dental, and vision insurance
  • Section 125 Flexible Spending Accounts for Health Care and Dependent Care expenses
  • Employee and Dependent Life Insurance
  • 401(k) Retirement Plan with 100% match on the first 5% contributed by you
  • Paid Leave
  • Tuition Reimbursement
  • Short Term & Long Term Disability Benefits

Position: Director of Information Security

Department: Information Technology

Reports To: Sr. Vice President/Chief Information Officer

FLSA: Exempt

SUMMARY

The Director of Information Security provides the management necessary to ensure the confidentiality, integrity, and availability of electronic information by communicating risk to senior management, creating and maintaining enforceable policies and supporting processes, and ensuring compliance with regulatory requirements. To support these activities, the Director coordinates activities with other departments, including the evaluation, procurement, and deployment of security-related products and develops and coordinates information security awareness and education programs.

Collaborates directly with Information Technology Management in responding to security incidents, establishing security standards, defining controls, managing security technologies, and directing the development and implementation of the enterprise-wide cyber-security program. Works with minimal supervision, manages own time effectively, and maintains control over all current projects/responsibilities. Follows up on all relevant issues.

SUPERVISORY RESPONSIBILITIES

Directly supervises and oversees the activities of the Information Security team, including but not limited to interviewing, selecting, and hiring team members; planning, assigning, and directing work; appraising performance; and coaching, counseling, rewarding and disciplining team members.

ESSENTIAL FUNCTIONS

  • Creates information security strategies, both short-term and long-range, in support of the credit union’s goals.
  • Directs an ongoing, proactive risk assessment program for all new and existing systems and remains familiar with the credit union’s goals and business processes so effective controls can be put in place for those areas presenting the greatest information security risk.
  • Communicates risks, and recommendations to mitigate them, to senior management in non-technical, cost/benefit terms and in a format relevant to senior managers so decisions can be made to ensure the security of information systems and information entrusted to the credit union.
  • Ensures that disaster recovery and emergency operating procedures are in place and tested on a regular basis. Responsible for the management of the business continuation plan, and all associated activities.
  • Assists with the initiation of proactive and corrective measures when a security incident or vulnerability is identified; ensures security incidents are handled in accordance with established procedures.
  • Ensures effective staff training programs are in place to increase security awareness across Keesler Federal Credit Union.
  • Maintains up-to-date knowledge of the Information Technology security industry including new or improved security processes and industry trends for changes in physical and cybersecurity challenges. Provides guidance and makes recommendations to Senior Management with regard to information security related items.
  • Manages the enterprise system logging program, develops controls for system monitoring and alerting, interprets the log activities and develops plans for remediation efforts.
  • Works closely with the Systems Security Engineer, as well as System and Network Engineers, to ensure the enterprise security architecture is well documented.
  • Manages and performs security access control reviews, policy compliance and regulatory compliance reviews within the IT Department.
  • Responsible for integration of acquired or developed cybersecurity/compliance technology solutions to maximize synergies across all applications.
  • Assists in collecting documentation from IT and business departments in preparation for NCUA and external audit annual examinations.
  • Uses Integrity Coaching skills to routinely and effectively coach staff to meet personal, departmental, and organizational goals, including documenting and tracking progress and results.
  • Responsible for compliance with all Federal regulations including the Bank Secrecy Act (BSA) and Office of Foreign Assets Control (OFAC).
  • All other duties and responsibilities assigned.
  • Utilizes The Member Advantage AIDINC system to identify potential member (internal or external) service needs which can be met through the sale of credit union products and services, or adherence to the department’s policy and procedures.

KNOWLEDGE AND SKILLS

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skills and/or abilities required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Education:

  • Bachelor’s Degree preferred in the field of computer science, information science, management information systems, information security, or engineering.

Experience and Other Requirements:

  • Minimum of five years of information security related work experience, preferably with a financial institution.
  • One to three years of supervisory experience required.
  • Demonstrate an in-depth knowledge of Information Security risk and industry best practices.
  • Must possess excellent communication skills, verbal and written, where tact, persuasiveness, discretion, accuracy and clarity are essential.
  • If necessary, work flexible hours including evenings and weekends as the job demands and travel as required.
  • Must possess independent judgment and decision-making skills required to analyze complicated factual situations, apply technical principles and develop solutions.
  • Comprehensive knowledge of Credit Union policies and procedures and of computer networks; familiarity with industry frameworks such as NCUA Part 748, with network vulnerability testing tools and utilities, and with FFIEC requirements and best practices.
  • On-going ability to keep abreast of changing regulations, policies and procedures that may affect the Information Technology security program.
  • Technical knowledge in the areas of user access reviews and privileges, audit and logging, and change management.
  • High level of accuracy and attention to detail.
  • Must be able to perform all functions independently, exercise excellent organizational skills and be able to multitask, analyze and make decisions in a fast-paced environment with minimal supervision.

Computer Skills:

  • Extensive use of personal PC, with exceptional knowledge of applicable software programs required.
  • Experience with e-mail software and use of the Internet required.

Interpersonal Skills:

A significant level of trust and diplomacy is required in addition to normal courtesy and tact. Work involves extensive personal contact with others and is usually of a personal or sensitive nature. Work may involve motivating, influencing or training others. Outside contacts become important and fostering sound relationships with other entities (companies and/or individuals) becomes necessary and often requires the ability to influence and/or sell ideas or services to others.

Certificates, Licenses and Registrations:

Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or equivalent is preferred.

PHYSICAL DEMANDS

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this job, the employee is regularly required to sit, kneel, stoop, and crouch; use hands to finger, handle or feel; reach with hands and arms; and talk or hear. The employee is frequently required to stand and walk. The employee is required to lift and/or move up to 10 pounds.

WORK ENVIRONMENT

The work environment characteristics described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Extensive use of a desktop computer is required. When working in the computer operations area and other secured areas, elevated noise levels are present. Otherwise, the noise level is that of a normal office environment.

DECLARATION

The human resources department retains the sole rights and discretion to make changes to this job description.
