Information Security Officer at Elevations Credit Union
When joining Elevations, you can expect to work for a company that:
- Provides amazing experiences and creates raving fans.
- Strives to provide solutions for a better life and promises employees it will be the best place they have ever worked.
- Wins awards such as “Best Bank”, “Best Companies to Work for in Colorado” and even the “Malcolm Baldrige National Quality Award”, the only Presidential award for quality.
- Has a highly-engaged workforce and emphasizes career growth, empowerment and servant leadership.
What’s in it for you:
- Competitive pay, organization-wide incentive program, 401k matching, mortgage and auto discounts
- 4 weeks min. paid time off, work anniversary paid time off, 11 paid holidays, and 16hrs paid volunteer time off
- Medical, dental, and vision health plans with FSA or HSA options
- Onsite fitness center, Zumba and yoga classes, health fairs with biometrics screening and flu shots
- Employee Assistance Program with a variety of services
- Career development, trainings, career coaching, job shadowing, mentoring program, tuition reimbursement up to $5,000/year, and a recognition system
- Culture of excellence and continuous improvement
- We strive to be the best place you’ve ever worked!
The VP of Information Security is responsible for implementing, maintaining, and overseeing ECU’s information security program, including the governance, management, and advisement of information security efforts and strategic vision across the organization. This is hands-on, working leader role that is accountable for executing and delivering on all Information Security projects.
This position reports to the Chief Information Officer and will lead security risk assessment efforts, oversee the design, implementation and operation of controls to mitigate known risks, drive information security awareness and training programs, and reduce vulnerabilities that could create inappropriate exposure to the business or its members' data.
The candidate will work closely with the CIO, external partners, and business stakeholders to ensure the information security program follows industry best practices, adheres to all federal and state laws and regulations governing and applicable to the Credit Union, including the Bank Secrecy Act, and aligns with company stakeholder needs and expectations.
Essential Functions include:
- Performs risk assessments, sets strategy and operating model, provides program updates, and advises the CIO and CEO Council on all matters pertaining to information security and their potential impact to the business and its stakeholders.
- Responsible for the maintenance, enhancement, and monitoring of a strategic, risk management based, information security program to ensure the integrity and confidentiality of information assets across the company.
- Functions as a thought leader and change agent to the organization and provides recommendations in the analysis and discussion of security policies, standards and practices, and guides the design and acquisition of advanced security controls.
- Responsible for employee information security education and awareness.
- Evaluates security risks and provides recommendations or makes appropriate decisions while considering the business impact.
- Manages the enterprise's information security organization, consisting of direct reports and indirect reports. This includes hiring, training, staff development, performance management and annual performance reviews. Recommend staffing levels, and resources to support best practices and business operations.
- Enhances and maintains information security risk mitigation plans, including leading and coordinating security incident response in prevention, investigation, mitigation and reporting activities.
- Oversees outside consultants for independent security audits, engagements and monitoring, including regular penetration and vulnerability testing.
- Balances information security needs with the organization's strategic business plan, identifies risk factors with evolving business plans and organizational initiatives, and proposes and drives implementation of mitigating solutions.
- Exercises extreme confidentiality as the scope of work will include access to sensitive data and financial perspectives
Chief Information Officer (CIO)
Information Security Analyst(s), Network Security Engineer(s), Information Security Engineer(s)
Required Education and Experience:
- 10+ years of hands on technical experience supporting, administering, or engineering networks / firewalls, intrusion detection and analysis, authentication methods, encryption, and/or industry leading methodologies and tools
- 10+ years of demonstrated leadership experience with policy and program management
- A four year degree in Computer Science, Information Systems Management, Business Administration, Risk Management, or a related field
- Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals
- Proven experience building credibility and collaborating with senior business leaders, internally and externally, and the ability to communicate technical concepts to non-technical audiences
- Strong knowledge of regulatory rules, standards and best practices that govern information security in the financial services industry, such as FFIEC/NCUA, BSA and state and federal privacy laws
- Certification as a Certified Information Security Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)
- Relevant experience managing security for companies that leverage modern, industry-leading technologies, Agile methodology, and ITIL
Preferred Education and Experience:
- Experience working in the financial services industry, preferably for a credit union or bank
This job operates in an office setting and routinely uses standard office equipment
Sitting frequently, walking occasionally, use of hands frequently, hearing constantly, talking frequently, exerting up to 10 lbs. of force occasionally to lift, carry, push, pull, or move objects.
Position Type/Expected Hours of Work:
Full time / 40 hours per week
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.
About Us: Elevations Credit Union is a member-owned not-for-profit financial institution serving Colorado’s Front Range. Founded in 1953, we’ve grown from 12 members and less than $100 in assets to an institution with 13 branches and more than 120,000 members that manages over $1.7 billion in assets and is the No. 1 credit union mortgage lender in Colorado. At Elevations, we’ve made a commitment to move away from a product-centered business model and focus instead on creating consumer solutions. Our objective is to provide our members, as well as the entire community, with unbiased consumer information.
EEO Statement: Elevations Credit Union is an equal opportunity employer. We do not discriminate on the basis of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, genetic information, gender, sexual orientation, gender identity or expression, veteran status, or any other status protected under federal, state, or local law. All aspects of employment including the decision to hire, promote, discipline, or discharge, will be based on merit, competence, performance, and business needs.
Candidates for certain positions may be required to submit to a credit history report in determining qualification for employment with Elevations Credit Union. If the position you are applying for requires a credit history report, any information received in such a report will not be the sole factor in making an employment decision. A history of personal financial irresponsibility may be reason for disqualification insofar as it relates to your potential job duties. Elevations Credit Union is aware that occasionally there are extenuating circumstances that may affect an individual's credit history. We comply with the Fair Credit Reporting Act and the Colorado Employment Opportunity Act.