Assistant Vice President Cybersecurity

Leave a Comment / 6 minutes of reading

Job title: Assistant Vice President Cybersecurity

Company: Connex Credit Union

Job description: This website uses cookies to customize and improve your experience. If you are a California resident, you may be entitled to certain rights regarding your personal information. Additional information about our data collection practices and location specific notices is available on our privacy policy.

X

Accept Cookies

This website uses cookies to customize and improve your experience. If you are a California resident, you may be entitled to certain rights regarding your personal information. Additional information about our data collection practices and location specific notices is available on our privacy policy.

X

Accept Cookies

Assistant Vice President Cybersecurity

Job Details

Job Location

North Haven HQ2 – North Haven, CT

Salary Range

$113,948.82 – $142,436.03 Salary/year

Description

Are you looking to have a positive impact on people in your community? Connex Credit Union is looking for diverse talent who are motivated to improve the financial well-being of others. We’re a company with a long and successful history where trust is important and exceptional customer service is the standard. We are committed to our employees, our members and the communities we serve. If you want to make a difference and be part of a growing, inclusive organization, join us in our mission.

Benefits:

  • Competitive compensation.
  • Medical, Dental and Vision coverage.
  • Paid time off.
  • 401K contributory plan with company match.
  • The opportunity to become involved in community outreach.

Qualifications

The Assistant Vice President of Cybersecurity is a hands-on leadership role that is responsible for the design, performance, planning, budgeting, securing, monitoring, and integration of Cybersecurity initiatives across Connex. You will play a crucial role in refining and creating processes related to the Risk Management Framework (RMF), threat/vulnerability analysis, penetration testing, and reporting exercises. Your primary objective is to enhance Connex’s cybersecurity capabilities and incident threat response processes to ensure they meet company requirements and industry standards.

As the AVP of Cybersecurity, you will be responsible for safeguarding the organization’s information systems and data assets. You will play a key role in implementing and maintaining security measures to protect against cyber threats, ensuring the confidentiality, integrity, and availability of their systems.

Essential Functions and Responsibilities: Includes the following and other duties may be assigned.

  • Deliver on cybersecurity initiatives at the credit union. Coordinates with internal teams and external vendors to ensure the cybersecurity resilience of the credit union is tested frequently.
  • Oversees audits and evaluations of the cybersecurity environment. Manages the planning, documentation, testing, integration, and execution of cybersecurity projects including annual budgeting and coordination of vendor responsibilities.
  • Stays informed about the latest security threats, technologies, trends and best practices.
  • Security Policies: Establish and enforce security policies, procedures, and guidelines to protect digital assets, sensitive trade data, and intellectual property. Design and implement security controls for networks, systems, and applications.
  • Risk Management: Assist in the development and maintenance of our Risk Management Framework (RMF) processes and documentation. Conduct regular risk assessments, vulnerability assessments and scans, and penetration tests on our infrastructure, applications, and networks to identify and address potential risks and develop risk mitigation plans to safeguard the organization against cyber threats and vulnerabilities. Be responsible for the business fraud investigation and mitigation. Analyze security controls and provide recommendations for improvements.
  • Incident Response: Proactively search for threats and vulnerabilities within our environment. Conduct incident handling and coordination, ensuring a rapid and effective response to security events. Create and maintain an effective incident response plan, ensuring timely and efficient recovery from security breaches and disruptions. Monitor security logs and respond to security incidents in a timely manner and defend our systems against cyber threats.
  • Incident Investigation and Forensics: Carry out thorough research and investigation on security incidents. Work with internal teams and external vendors to conduct research and forensics. Provide incident detection, analysis, and response, helping to improve our overall security posture.
  • Regulatory Compliance: Ensure compliance with all related regulatory bodies. Ensure that all cybersecurity activities are conducted in accordance and compliance with all regulatory and government policies, standards, and requirements.
  • Security Awareness: Develop and oversee a security awareness program to educate employees, members, and stakeholders about security awareness and best practices in cybersecurity.
  • Vendor Security: Evaluate and monitor the security practices of third-party vendors, partners, and service providers. Collaborate with the internal teams and external vendors to assess, document, and authorize information systems using the RMF.
  • Stakeholder Collaboration: Collaborate with internal and external stakeholders, such as customs authorities, shipping partners, and regulatory bodies, to ensure security standards and trade compliance. Collaborate with IT and development teams to integrate security measures into the design and implementation of systems.
  • Reporting: Provide regular reports and updates to executive management and the board of directors on the state of cybersecurity and compliance. Maintain accurate records of all activities, including findings, actions taken, and recommendations for improvement. Develop reports and documentation related to cybersecurity exercises and events.

Performance Measurements (if applicable): * Establish reasonable timeframes for completion of all projects and tasks and completes projects and tasks within that timeframe.

  • Ensure clean audits or audit resolutions within departmental service metrics.
  • Maintains service desk response(s) to departmental service metrics.
  • Ensures clean annual disaster recovery testing and responds to disasters according to departmental service metrics.
  • Oversees day to day monitoring and management of cybersecurity projects, tools, technologies and vendors and responds to incidents and issues in a timely and thorough fashion.
  • Anticipates system and network risks and assures adequate safeguards.
  • Works collaboratively and effectively with other teams and departments.

Qualifications and Requirements:

  • Bachelor’s or Master’s degree in Information Security, Computer Science, or equivalent and appropriate work experience.
  • Industry-recognized certifications, such as CISSP, CISM, or CISA.
  • Knowledge of threat/vulnerability analysis, penetration testing, and red-team/blue-team exercises.
  • Excellent communication and teamwork skills.
  • Ability to learn quickly and adapt to new technologies and methodologies.
  • Exceptional attention to detail and the ability to work accurately.
  • A collaborative mindset and willingness to work with colleagues to achieve shared goals.
  • Proven experience as an Information Security Engineer or similar role.
  • Strong knowledge of information security principles and best practices.
  • Experience with security technologies, including firewalls, IDS/IPS, antivirus, and encryption.
  • Familiarity with security frameworks and compliance standards (e.g., ISO 27001, NIST, GDPR).
  • Hands-on experience with security tools and technologies.
  • Proven experience in a leadership role in information security, with at least 5-8 years of relevant experience.
  • Strong understanding of banking/credit union operations, regulatory requirements, and financial procedures.
  • In-depth knowledge of cybersecurity technologies, tools, and best practices.
  • Exceptional communication and leadership skills.
  • Ability to adapt to a dynamic environment and make critical decisions under pressure.
  • Experience with artificial intelligence (AI) and machine learning (ML) security.
  • Experience with DevOps and security automation.
  • Experience with security awareness training and education.
  • Experience evaluating and managing cyber risk and working within industry-standard frameworks (e.g. NIST Cybersecurity Framework, CIS Top 20, NIST 800-XX, etc.)
  • Knowledgeable of methodologies such as Cyber Kill Chain and Diamond Model of Intrusion Analysis models.
  • Experience with cloud computing, networks, servers, operating systems and PCs is mandatory.
  • Experience with ATM/ITM networks is preferred.
  • Ability to solve complex analytical and/or project related problems.
  • Lifting boxes up to 50 lbs.
  • On call after hours.

Expected salary: $113948.82 – 142436.03 per year

Location: North Haven, CT

Job date: Thu, 07 Mar 2024 05:10:22 GMT

Apply for the job now!

Leave a Comment

Related Posts

Scroll to Top