Everwise Credit Union - South Bend, IN
posted 20 days ago
Full-time - Senior
South Bend, IN
About the position
The Vice President of Information Security is a strategic leadership role responsible for developing, implementing, and overseeing the information security and cyber risk management programs at Everwise Credit Union. This position focuses on establishing a robust security posture that aligns with the organization's objectives and regulatory requirements, ensuring the safety and trust of members while protecting digital assets.
Responsibilities
- Define, execute, and sustain a forward-looking information security strategy that aligns with the credit union's vision and business objectives.
- Establish security roadmaps, budget requirements, and risk management protocols that reflect emerging threats and industry best practices.
- Oversee the assessment of information security risks and implement programs to manage and mitigate these risks proactively.
- Advise senior leadership on risk prioritization, mitigation strategies, and resource allocation for cybersecurity initiatives.
- Mentor and lead a high-performing security team, providing clear objectives, development opportunities, and alignment with organizational goals.
- Empower the team to foster a proactive security culture, instilling accountability and ownership of security practices across all levels.
- Lead the establishment of information security governance frameworks and ensure continuous adherence to regulatory requirements (SSAE16, PCI, GLBA, FFIEC).
- Collaborate with Legal, IT, HR, and other departments to develop compliance and remediation strategies.
- Develop, implement, and continuously improve business continuity and disaster recovery plans to ensure organizational resilience.
- Direct incident response planning, including team coordination, investigation methodologies, and timely reporting for internal and external stakeholders.
- Oversee deployment and management of security technologies, such as SIEM, IDPS, and EDR.
- Ensure that information security operations are optimized for effective threat detection, monitoring, and response.
- Serve as the primary advisor to the executive team, communicating risks and security initiatives in a business-centric, non-technical manner.
- Promote security awareness across the organization through training programs and frequent communication to build a security-conscious culture.
- Stay updated on emerging security trends, technologies, and regulatory changes, continuously improving security practices and adapting strategies as necessary.
- Lead initiatives that leverage new technology and innovative practices to enhance the credit union's security posture.
Requirements
- Bachelor's degree in Computer Science, Information Security, or a related field required; Master's degree preferred.
- Advanced security certification(s) (e.g., CISSP, CISM, CISA) required; additional certifications in cloud security or risk management are a plus.
- 10+ years of successful progressive experience with information security, network architecture, as well as business continuity concepts, tools, and technologies.
- 5+ years of experience with root cause analysis, risk mitigation, security assessments, analysis of security threats, trends and architecture preferred.
- 8+ years of experience leading and managing an enterprise information security program, including business system continuity planning, auditing and risk management (for information security).
- 5+ years of experience devising and implementing information security policies, procedures and methodologies to improve information security practices and business continuity capabilities throughout the organization required.
- Demonstrated experience leading and managing an Incident Response Team in the course of a rapidly evolving security incident.
- Solid understanding of regulatory compliance for SSAE16/PCI/GLBA/FFIEC through experience at a financial institution preferred.
Nice-to-haves
- Experience in cloud security or risk management certifications.
