|Location||San Antonio, TX|
|Preferred GIAC Certifications||GISP, GSLC|
|Contact Name||Callie R.|
The VP of Information Security will focus on the design, promotion and maintenance of the credit union's information security program. The Vice President will participate in risk management activities including the assessment, selection, implementation and monitoring of security controls supporting confidentiality, integrity and resilience of data, systems and business processes.
Essential Functions & Responsibilities:
Maintain a proactive, agile information security program supporting risk awareness, mitigation implementation and compliance requirements.
Formulate a risk aware information security strategy working with other leadership to ensure enterprise information security needs are accounted for in head count and capital expense requests.
Act as the credit union's focal point for cyber risk awareness, providing guidance and relevant input during assessments of proposed changes in operations, products, services and third party relationships.
Ensure the maintenance and testing of the credit union's disaster recovery program.
Report identified control gaps along with proposed resolutions and time lines to the CIO and credit union committees when appropriate.
Provide leadership and direction to assigned staff in the areas of IT security operations and disaster recovery.
All other duties as assigned (note: essential functions and responsibilities may change or new ones may be assigned at any time with or without notice).
5+ years previous hands-on working experience within Information Security.
1-3 years held in a Security Program Management role.
Demonstrable experience planning and executing information security strategy in a regulated industry.
Experience in control evaluation and implementation including technical and non-technical control areas.
Experience supporting security efforts within agile application development teams.
Experience planning, implementing and exercising system and process resiliency.
Extensive comfort level communicating in person, in public, and with various levels of technical and non-technical management and staff.
Strong writing skills necessary for devising corporate policy and procedure.
ISC2 CISSP or similar information security leadership certification.
All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status