The Information Security Manager is responsible for leading the
Information Security Program for Premier Members Credit Union (PMCU).
This position will assist in the development and execution of the
strategic vision for the Information Security program and roadmap.
This role will report directly to the VP of Information Technology.
The Information Security Manager will work closely with the Risk and
Compliance departments in ensuring PMCU is meeting regulatory
requirements and organizational risk tolerance. This position
maintains the role of the Information Security Officer responsible for
incident response and annual security reporting to the Board of
Directors. This position is also responsible for maintaining all
operational tasks within the Information Security portfolio including
security training, vulnerability scanning, remediation, logging,
auditing and all other security related functions.
- Assist in the establishment and implementation of the Information
Security Roadmap for PMCU.
- Leads the annual IT Risk assessment, penetration test,
vulnerability scans, and social engineering tests, synthesizes
results, and implements action plans for issue resolution.
- Educates executive management and the business on cyber risk
through reporting and presentations.
- Monitors Information Security industry trends and educates the
organization of critical information.
- Manages the Information Security Program to include policies,
procedures, and standards.
- Manages security awareness training, and new hire orientation to
ensure all levels of staff and management are well-educated
regarding Information Security practices.
- Leads the project initiatives to research, validate, and manage
Information Security vendors and products to ensure robust
detection, prevention, and monitoring tools are in place.
- Audits internal assets and systems to ensure compliance with
Information Security standards.
- Defines the Information Security plan to resolve gaps identified
from audits, risk assessments or vulnerability scans.
- Leads the day to day operations for the Information Security department.
- Leads cyber security investigations providing summaries and
recommendations to resolve incidents. Works closely with IT,
business units, and project teams to ensure that new projects meet
or exceed Information Security standards and requirements.
- Protects information assets by developing security strategies,
system access controls, monitoring, and response.
- Implements regulatory requirements, industry standards, and best
practices such as NCUA, FFIEC, GLBA, PCI DSS, NIST 800-53, and ISO
27001 ensuring the Information Security Program is held to the
- Advises executive management team on critical security issues and
recommends risk reduction solutions.
- Familiarity with secure coding best practices including DevOps and SDLC.
- Develop a team (direct or indirect reports) that is nimble enough
to build and execute Information Security solutions to support the
Organization’s strategic initiatives.
- Provide strong leadership and direction to direct
reports. Recruits and hires talented individuals to join the team
and continues to develop them to their full potential.
- Build strong relationships across business groups and with
vendors. Develop a detailed understanding of their issues,
challenges and opportunities. Ensure transparency and collaboration
between key stakeholders.
- Foster a culture of innovation, transparency and accountability.
- Manage operating budget for Information Security roadmap and initiatives.
EDUCATION AND EXPERIENCE
- Bachelor's Degree Computer Science, Network, Cyber Security or
relevant field is preferred.
- Advanced Degree/Certifications such as CISSP, CISM, CEH, and CCSP
- Banking/Credit Union experience is preferred.
- 2+ Years Leadership experience is preferred.
- Ability to maintain a high level of confidentiality.
- Working knowledge of financial service institutions and its
operations and procedures are preferred.
- Excellent management skills and the ability to prioritize multiple
initiatives and projects.
- Ability to establish strategic direction for the department and
provide the roadmap of initiatives and priorities in support of that vision.
- Experience with Cloud solutions such as AWS, GCS, or Azure.
- Ability to operate at all levels of the organization, and to both
motivate and influence others that are often in a more senior position.
- Excellent oral and written communications skills.
- Ability to manage change within the organization.
- Technically proficient in IT infrastructure and Information
Security controls and concepts.
- Demonstrate flexibility and the ability to work in a team environment.
- Demonstrated business and technical acumen, including the ability
to read, analyze and interpret reports and documentation.
- Strong interpersonal, presentation and negotiating skills.
- Exceptional people and organizational leadership, with a track
record of leading high performing teams
- Strategic thinker with strong operational and analytical skills.
- Passion for solving problems that have large impact to the
organization and our members.
- Ability to define problems, collect data, establish facts, and
draw valid conclusions.
- Works collaboratively with other teams to improve performance,
efficiency, effectiveness and growth opportunities throughout the organization
- Standard office conditions
- Low to moderate noise
- Limited lifting up to 50 lbs.
This description has been reviewed to ensure that only essential
functions and basic duties have been included. Peripheral tasks,
only incidentally related to each position, have been excluded.
Essential functions, requirements, skills, and abilities included
have been determined to be the minimal standards required to
successfully perform the positions. In no instance, however, should
the duties, responsibilities, and requirements delineated be
interpreted as all-inclusive. Additional functions and requirements
may be assigned by supervisors as deemed appropriate.
In accordance with the Americans with Disabilities Act, it is
possible that requirements may be modified to reasonably accommodate
disabled individuals. However, no accommodations will be made which
may pose serious health or safety risks to the employee or others or
which impose undue hardships on the organization.
The Credit Union believes that each employee makes a
significant contribution to our success. That contribution should
not be limited by the assigned responsibilities. Therefore, this
job description is designed to outline primary duties,
qualifications, and job scope, but not limit the incumbent. It is
our expectation that each employee will offer his/her services
wherever and whenever necessary to ensure the success of our
Job descriptions are not intended as and do not create employment
contracts. The organization maintains its status as an at-will
employer. Employees can be terminated for any reason not prohibited