About Patelco Credit UnionPatelco Credit Union is a not-for-profit credit union with a purpose to build financial health and wellbeing for our members. Since 1936, Patelco has grown from $500 in assets to over $9 billion in assets and is the 7th largest credit union in California with branches throughout Northern California. We are here for our members throughout all their stages of life. Meeting them with the products and services to help them plan purposefully for their futures and to secure our life-long partnership as their trusted financial advocate. As one team, we are all committed to delivering service, empowering financial literacy, creating products, and providing new technology for our members. We believe that work should be rewarding, challenging, and enjoyable. We’re dedicated to creating a positive and supportive culture where our team members can thrive. If you’re looking to use your skills and knowledge to make a difference in our members’ lives, Patelco could be the perfect fit for you.OverviewThe Vice President, Information Security Officer works under the guidance of the Chief Risk Officer and coordinates closely with the Risk Management team. Acting as thought leader in the area of information and cyber security and risk management, the role establishes and monitors the credit union’s information strategy and program to ensure that all company and member information assets are adequately protected. As a senior leader, this role works in a collaborative environment with Management and other department leaders and fosters a culture of teamwork in recommending information security investments which mitigate risks, strengthen defenses, and reduce vulnerabilities for internal and client facing systems and products.The VP is responsible for developing and reviewing cybersecurity control frameworks, defining KRIs and metrics, creating risk assessments, and testing and reviewing conformance. The VP tracks the actions of the first line of defense and analyzes the impact of those actions to determine their effectiveness in mitigating cyber risks and ensuring that risks are actively monitored and appropriately managed. In accordance with compliance and regulatory requirementsResponsibilitiesLead the technology risk strategy and provide guidance and requirements to technology partners to enable the achievement of technology and security risk objectives Develop and maintain cybersecurity risk assessment framework and methodologies.Partner with first line operational teams to provide guidance and oversight. Provide effective 2nd Line challenge to Technology risk owners, including third party technology providers. Establish and enforce cybersecurity policies, standards, and guidelines in alignment with industry and regulatory standards and collaborate with first line of defense to ensure compliance and adherence to policies.Conduct independent audits of cybersecurity processes and controls. Develop key risk indicators, dashboards, and reports to measure and monitor risks and threats. Provide regular reporting to senior leadership, ARC committee, and board of directors on risk posture and control effectiveness. Provide independent oversight during cybersecurity incidents to ensure proper response and recovery measures. Oversee evaluations of third-party vendors to ensure practices align with organizational standards. Support risk training and education regarding the enterprise risk framework working with other risk areas; assist with development and rollout of contentMaintain awareness of changing and emerging information security and cyber security threats and provide subject matter expertise to executive management on a broad range of information security topics and standards. Provide support and security-related information as needed to business unit stakeholders.Facilitate audits and examinations by regulatory agencies. Create risk mitigation plans for audit findings and track the plans to completion.Work directly with business units to facilitate IT risk analysis and risk management processes; identify acceptable levels of risk and establish roles and responsibilities with regard to information classification and protection.Possess strong technical writing and verbal communication skills.Must be an intelligent, articulate, and persuasive leader who can serve as an effective member of the senior management team and who is able to communicate security-related concepts to a broad range of technical and non-technical staff.Requires strong analytical skills and experience creating an enterprise security strategy.Demonstrated ability to maintain effective working relationships with corporate and business unit stakeholders.Considerable experience as a team leader: supervising teams to create an atmosphere of trust; seeking diverse views to encourage improvement and innovation.Maintain up-to-date knowledge and intelligence of the threat environment, such as groups or organizations that could affect the organization’s security.Understand and comply with all applicable federal and state laws and banking regulations (including those related to OFAC and Bank Secrecy Act / Anti-Money Laundering compliance) and Patelco Credit Union's policies and procedures. QualificationsB.S. Degree in Computer Science, Management Information Systems, or a related technical/business discipline is required.15 years progressively responsible experience with information security, or an equivalent combination of education and relevant experience.7+ years of relevant experience in Technology Risk Management, or IT Audit or other similar risk consulting or internal control functions, with experience designing, implementing, and managing complex risk programs and leading team members and stakeholders on the continued use and management of such programsExperienced in implementation of compliance standards, privacy laws and financial regulations into technology and business processes Information security certification required: Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP).Extensive experience performing information security risk assessments, network penetration testing and vendor risk assessments. Detailed understanding and experience designing and implementing defense in depth strategies and how security controls are deployed to achieve this.Strong experience in conducting vendor information security risk assessments.Extensive understanding of information security regulations and standards including: NCUA, GLBA and CCPA, PCI, FFIEC, and NIST 800 / ISO 27000.Experience working in a regulated environment and responding to inquiries and findings of regulators and auditors. Working knowledge of National Credit Union Administration (NCUA) or equivalent regulations, California Credit Union Law and Rules and Regulations, and other applicable federal and state laws and regulations.Strong skills in network architecture design, network infrastructure technologies and network protocols.Excellent ability to communicate, both verbally and in writing; ability to tolerate long periods of continuous sitting.This position is based out of the Dublin headquarters office.Ability to operate standard business machines such as computer, printer, and telephone systems.Ability to function and lead effectively in occasional high-pressure, high-stress, time-constrained environments, and/or tolerate long work periods and unusual work hours, such as when responding to incidents and events. Work is primarily performed within an enclosed office setting and occasional business travel may be required. Subject to standard background noise found in an office environment, and occasional high background noise found in a data center environment. Travel is occasionally required to distant sites and conference locations nationwide.Target Base Pay$250,000-270,000/yearCompensation at PatelcoPlease note that the salary information is a general guideline only. Patelco Credit Union considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as market and business considerations when extending an offer. We offer a competitive total rewards package including a wide range of medical, dental, vision, financial, and other benefits.We OfferPhysical Health: Exceptional Medical, Dental, Vision, and Life Insurance benefits Onsite fitness center at HQ and rewards for completing wellness related activities Financial Health: Competitive compensation packages with bonus opportunity401(k) with 3% Safe Harbor and 5% employer matchDiscounts on loan productsTuition reimbursement Emotional Health: Employee Assistance Program (EAP) PTO for part-time and full-time positions Paid holidays Personal Development: On-the-job training and skills developmentInternal transfer opportunities for career growth Volunteer work Flexible work arrangements available for specific positions Patelco Credit Union is an Equal Opportunity Employer including individuals with disabilities and protected veteransIND123Job type: FULL TIMECategories: Technology Patelco Credit Union
