What are the responsibilities and job description for the VP, Information Security position at Hanscom?
It’s an exciting time to be at Hanscom Federal Credit Union!
As a member of our Risk Department, you will join a dynamic team of dedicated individuals committed to delivering exceptional service to our members.
Who we are – Hanscom Federal Credit Union
- Members-first – our members are our top priority. We make business decisions with our members at the top of mind.
- Integrity – we’re honest and committed to doing what’s best for our members and our company. What is right isn’t the same as what is easy.
- Teamwork – we are in this together and we all benefit from our success.
- Innovation – we identify new ideas for processes or products that will lead to positive changes and take the initiative to implement the changes.
- Empathy – we understand that communication starts by listening, understanding different perspectives, and caring about others’ sustained success.
What we offer
- A full-time, permanent position that will reward you through an annual bonus program.
- Medical, Dental, Vision, FSA, 401(k), Student Loan Paydown, and paid Sick and Vacation time benefits.
- We are committed to fostering career growth and development – when you join our organization it’s not just a job.
- We look to develop your skills aligned to our business needs and help you progress in your career.
Who you are – VP, Information Security
You are a dynamic, detail-oriented, intuitive person with the ability to develop relationships, build rapport, and become a trusted team member. You are able to provide everyone you assist or support with a high level of service, have strong organization and multi-tasking skills, and are searching for a rewarding career where you are valued and respected.
What you'll do
- Manages cyber security risk by analyzing assets, threats, vulnerabilities and exposures, and recommending cost-effective countermeasures to reduce the likelihood and impact of adverse occurrences.
- Monitors cyber security activities and oversees the application of specified security standards and systems. Responds to information security incidents, determining corrective action to be taken, and designing and implementing preventative measures.
- Responsible for maintaining and enforcing the Information Security Program to ensure compliance with regulatory requirements.
- Serves as primary liaison with the Information Security team for the implementation of measures and controls to increase our overall security posture and for the investigation and remediation of identified information security risks.
- Assesses internal control systems and policies to ensure that appropriate information access levels are maintained and tests the effectiveness of controls.
- Monitors compliance with the organization’s information security program and regulations such as Gramm-Leach-Bliley (GLBA) among employees, contractors, alliances and other third parties, and refers problems to appropriate department managers or administrators and the SVP, Risk Management.
- Conducts research on emerging products, services, protocols, and standards in support of security enhancement and modernization.
- Serves as a solution-driven internal information security consultant to the organization, monitoring, advising and driving advancements in information security technologies.
- Monitors changes in legislation and accreditation standards that affect information security.
- Initiates, facilitates, and promotes activities to foster information security awareness within the organization.
- Ensures that the Information Security Team adheres to company policy with respect to documentation, incident tracking, service requests, and the IT change control and release management process.
- Manages select information security projects and technical solutions.
- Chairs the Information Security Review Board.
- Performs other tasks or functions as required, requested, necessary or prudent from time to time.
Knowledge/Skills/Experience Required:
- Strong desire to work in a purpose-driven organization
- Strong leadership qualities with a big picture and pragmatic approach, leading effectively through setting a vision and coaching, motivational techniques, and conflict management
- 10 to 12 years of experience in information security
- Demonstrated capability and passion for developing talent and a culture of innovation, collaboration, and engagement
- Strong delegation and team building skills with the ability to support a team and the team’s work embracing ownership, accountability, and responsibility
- Ability to establish and maintain effective working relationships at the senior management level and across all levels of the organization
- Excellent analytic, organization, presentation, and facilitation skills; ability to lead multiple tasks under tight deadlines
- Ability to prioritize workload and to work independently
- Strong decision making and problem-solving skills
- Strong written and verbal communication skills
Education/Certifications/Licenses:
- Bachelor’s degree in Computer Science, Information Security, or related field.
- CISM, CISSP, GIAC or other applicable information security certifications.