Information Security Program Manager
Company: NORTH COUNTRY FEDERAL CREDIT UNION
Location: South Burlington
Posted on: April 10, 2021
|
|
Job Description:
EOE Statement We are an equal employment opportunity employer.
All qualified applicants will receive consideration for employment
without regard to race, color, religion, gender, national origin,
disability status, protected veteran status or any other
characteristic protected by law. Description Data security is our
organization's top strategic priority. As one of Vermont's largest
credit unions, we are responsible for the safekeeping of the
personal and financial information of over 60,000 people who trust
and rely on the integrity of our systems, policies, and
procedures.As a leader in our organization, the ISPM will work with
others on our team to identify and protect against current and
developing threats including security breaches, attacks by
cyber-criminals, and accidental disclosures. They will be
responsible for our Information Security Program, perform security
compliance audits, and provide regular updates to executive
management and the board of directors.In addition to a clear
understanding of the challenges of information security, the ISPM
must have the ability to describe security issues to people
throughout the credit union, and work with our training staff to
promote best practices and a culture of awareness. Qualified
candidates must have at least eight years of related experience and
an appropriate master's degree. A bachelor's degree plus
professional certification may also be considered.Our employees are
the heart of our organization. We provide medical, dental and
vision insurance, paid holidays, paid time off, 401(k) with
employer contribution up to 10%, life and disability insurance,
employee training and wellness program.Role:Support the credit
union's vision of being the community's most loved financial
institution, and its mission to make people's financial dreams come
true. Contribute to a world class experience for all members and
staff, by building rapport, determining needs, and offering
creative solutions to best serve their needs. Demonstrate
professionalism and integrity and represent the credit union's core
values in all interactions.
The Information Security Program Manager (ISPM) has direct
responsibility for ensuring the credit union safeguards the
confidentiality of member information and corporate data from
security breaches, attacks by cyber-criminals, accidental
disclosure, and all other forms of disclosure to non-approved
parties. The ISPM will create and manage the company Information
Security Program which includes the security and data privacy of
NorthCountry FCU's Suite of Cloud products and services, ensure
successful completion of annual security compliance audits and will
provide regular updates on the status of the program to executive
management and the board of directors.Essential Functions &
Responsibilities:1. The development and maintenance of a
comprehensive Information Security Program that fulfills the
requirements specified by the NCUA Rules & Regulations, Part 748,
Appendix A&B.2. Annually, assess the organization's security
measures via a formal Information Security Risk Assessment (ISRA)
with a focus on identifying reasonably foreseeable internal and
external threats that could result in unauthorized disclosure,
misuse, alteration, or destruction of member information. Assess
both the likelihood of occurrence and the sufficiency of policies,
procedures, and systems in place to control the identified risks.3.
Ongoing evaluation of firewalls, anti-virus software, strength of
password controls and encryption, to identify weak points that
might make information systems vulnerable to attack.4. Carry out
simulated attacks (both technical and social) to test the
efficiency of security measures.5. Develop company-wide policies
and procedures that encourage secure working and protection of
data. Work with HR to train and test employees on best practices
for keeping information safe and promote a culture of awareness.6.
Design and advise on security controls including access controls,
access restrictions, encryption, monitoring systems, and procedures
to protect systems and information infrastructure, including
vulnerability scanners, web application scanners, SIEM and endpoint
protection applications.7. Perform ongoing service provider
oversight and periodic review to ensure contractual obligations for
protecting data are defined and are being adhered to. Ensure the
vendors' contracts clearly defines appropriate information security
controls prior to contract signing.8. Work with applicable Senior
and Executive Management to develop and maintain an incident
response plan that defines actions to be taken when the credit
union suspects or detects unauthorized individuals have gained
access to member information. Assist with investigating security
breaches and other cyber security threats and incidents.9. Provide
periodic reports to the board on 1) the status of the Information
Security Program and 2) The status of third-party vendor control
reviews. Provide periodic updates to executive management on 1) new
InfoSec threats 2) status of patch management on credit union
systems and 3) status of third-party audits, penetration tests, and
Information Security Risk Assessment (IRSA) findings.10. Develop an
understanding and working knowledge of the credit union history,
philosophy, organization, bylaws, policies, procedures and
appropriate software systems. Perform all other job-related duties
as assigned. Position Requirements Performance Measurements:1.
Analytical - The ability to observe, evaluate, summarize, and apply
meaningful data in the problem-solving process. The level of
logical reasoning necessary to connect required actions to desired
outcomes. The ability to forecast events based upon current
situations. Demonstrated skill in generating alternative solutions
to problems.2. Attention to Detail - The level at which tasks are
performed carefully, accurately, and in accordance with specific
instructions. Consistency of work quality and compliance with
standards, requirements, and expectations. The tracking of
numerical data and detailed organizational information, and the
careful application of grammar, spelling, and punctuation rules.3.
Policy Compliance - The degree to which the employee has a
knowledge of and complies with organizational policies.4.
Communication - The ability to effectively converse and listen to
others concerning company matters. The use of proper written and
grammatical skills, and the meaningful application of computer
technology [e-mail, Internet, etc.].5. Teamwork & Cooperation - The
degree to which individuals promote a collaborative, cooperative,
and productive working environment. The level of demonstrated
sensitivity, team building, support, and respect. The degree of
synergy promoted.Knowledge and Skills:Experience: Eight to ten
years of similar or related experience.Education: (1) A master's
degree, or (2) a bachelor's degree plus professional certification
(e.g. CPA).Interpersonal Skills: Work frequently involves
exercising advanced conflict resolution, giving material
presentations, and resolving issues impacting multiple departments
or divisions. Role also requires the ability to motivate or
influence others as a material part of the role, with a significant
level of diplomacy and trust. Obtaining cooperation (internally
and/or externally) is an important part of the role and a high
level of interpersonal skills is critical to the success of this
position.Other Skills:------Strong background in information
technology with a clear understanding of the challenges of
information security.
------Within 18 months of beginning the position, certification as
an Information Security Systems Professional (CISSP) or
equivalent.
------Excellent communication skills so as to build awareness and
understanding of security issues with staff, management, and the
board of directors.
------Good team working skills to develop security solutions in
collaboration with other information technology professional.
Full-Time/Part-Time Full-Time Position Information Security Program
Manager Close Date Number of Openings 1 Location South Burlington
About the Organization NorthCountry is Vermont's community credit
union for the Champlain Valley, Central Vermont, and the Northeast
Kingdom. We are proud to have been recognized as one of Vermont's
2021 "Best Places to Work", as well as having Gallup rank our
employee engagement rate at among the top 3% of businesses
worldwide! We are humbled to achieve this recognition for our
organization both locally and globally. Our vision is: To be the
community's most loved financial institution. We hold ourselves to
a very high standard to do so, by striving to offer "world class
service" in every interaction we have. NorthCountry also
contributes to the communities we serve by sponsoring local events
and offering financial donations to a variety of non-profit
organizations. Each quarter, NorthCountry also has a "Twice as
Nice" campaign where we highlight a non-profit and offer to match
the donations made by our members to that particular organization.
Our employees are encouraged to serve their communities through
volunteer work for a non-profit of their choice. This volunteer
time can happen during business hours, and up to 8 hours per year
is paid. NorthCountry's mission is: To make dreams come true for
all by offering personalized financial solutions. As a cooperative,
we are inspired and empowered to do the right thing for our members
and employees. We aspire to make these dreams come true by
encouraging all of our employees to live our core values. Our core
values being the 3 C's: Confident, Caring, and Creative. We believe
that when our staff truly embody these 3 C's, we are able to make a
tremendous difference in the lives of our members as well as our
own. This positive impact in communities close to home, as well as
those afar, is what inspires each of us to come to work each day.
This position is currently accepting applications. Member Advocate
2 (Call Center Rep) in South Burlington, VT
Posted on: 3/3/2021
[Apply Now]
Keywords: NORTH COUNTRY FEDERAL CREDIT UNION, New England , Information Security Program Manager, Executive , South Burlington, Northeast
Click
here to apply!
|
Didn't find what you're looking for? Search again!
Other Executive JobsFacilities Technician Description: bull Maintain parts cleaning production equipment and facilities equipment in accordance with maintenance schedules, maintenance and repair manuals and production planning. br Company: Location: Scarborough Posted on: 04/22/2021 Assistant Store Manager Description: DescriptionStaples is focused on our customer and our community. As a Retail Sales Manager aka Assistant Store Manager , you will make an impact driving sales in Staples retail, technical services portfolio (more...) Company: Staples Location: Bennington Posted on: 04/22/2021 Entrepreneurial CFO Description: Tired of looking for another CFO job Increase your happiness, income flexibility here. Apply to become a B2B CFO Partner and get the support to reach your goals B2B CFO helps experienced financial (more...) Company: B2B CFO Location: South Portland Posted on: 04/22/2021 Director, Medical Safety, Therapeutic Area Oncology Description: Description: We at Boehringer Ingelheim Medicine share one vision : to turn patient-focused innovations into life-changing treatments. We focus on driving medical innovation, combining scientific and (more...) Company: Boehringer Ingelheim Location: Ridgefield Posted on: 04/22/2021 Urgent Care Practice Manager Description: ClearChoiceMD is searching for a Practice Manager for our growing Berlin, VT location. The Practice Manager is a clinical member of the team first and foremost, all candidates MUST have clinical experience (more...) Company: ClearChoiceMD Urgent Care Location: Brattleboro Posted on: 04/22/2021 QUALITY Description: QUALITY br br Adecco is currently assisting our local clients seeking an experienced with QUALITY for a small but rapidly growing company in the Newtown, CT, area. Quality candidates will be responsible (more...) Company: Location: Newtown Posted on: 04/22/2021 Behavioral Health Medical Director Needed Near Bloomfield, CT Description: Physician/MD qualifications required A regional community health center covering a thirty seven town rural region in eastern Connecticut is looking Company: Hayman Daugherty Assoc Location: Bloomfield Posted on: 04/22/2021 Senior Project Manager- Wealth management technologies Description: Job Description - Senior Project Manager- Wealth management technologiesOur client is a boutique financial services firm that s upports the performance-reporting requirements of Family Offices, Wealth (more...) Company: Infinity Consulting Solutions Location: Darien Posted on: 04/22/2021 Assistant Store Manager Description: DescriptionStaples is focused on our customer and our community. As a Retail Sales Manager aka Assistant Store Manager , you will make an impact driving sales in Staples retail, technical services portfolio (more...) Company: Staples Location: Williston Posted on: 04/22/2021 Project Manager Description: Years of experience 8-14 years Overview of Job Opportunity Good to have AD skills AD domain migration experience and good Project, Client and Resource Management skills Overall Governance Service Management, (more...) Company: Microland Limited Location: Farmington Posted on: 04/22/2021 |