Join a winning team at Millbury Federal Credit Union

At Millbury Federal Credit Union [MCU], our members count on us for excellence in service. We treat our employees right, so they can offer the best possible service and enjoy a lasting and successful career.

MCU is currently searching for an Information Security Officer (ISO). The ISO is responsible for developing and maintaining the Credit Union’s information security program to ensure the confidentiality, integrity, and availability of our corporate and customer data. The ISO works across the organization and with our security partners (auditors, security management platform providers) to assess and manage risk, ensure compliance, promote proper governance, and continually optimize our information security program.

Location: Millbury, MA ~ Schedule: Full-time, 8:30am – 5pm Monday-Friday

Essential Functions and Activities:

Information Security Program

• Oversee the development, implementation, and maintenance of an Information Security Program.
• Develop and implement information security strategies, policies, standards, procedures, and access controls that align with business objectives, regulatory requirements, and best practices.
• Communicate information and cybersecurity requirements and best practices across the Credit Union to gain users’ understanding and compliance, including such activities as training, education, and testing.
• Develop and implement the Credit Union’s Information Security Testing Plan of all critical security controls.
• Coordinate and contribute to GLBA required reporting on the status of the Information Security Program to the Board of Directors, Senior Management, and other stakeholders.
• Liaise with external partners, agencies, and peers to maintain an awareness of trends and alerts, and ensuring that the we maintain a strong, proactive security stance.
• Coordinate and contribute to the IT Steering Committee as a crucial member.

Risk Assessment

• Lead the identification and evaluation of cyber security threats, risks, vulnerabilities, and processes to determine the risk to our data, applications, and systems.
• Work with Audit, IT team members and vendors to prepare for and engage in audits and examinations.
• Coordinate or conduct the required activities of the Information Security Testing Plan, such as the FFIEC cybersecurity assessment, IT risk assessment and other required risk and vulnerability assessments.
• Understand our wide and local-area network infrastructure along with our security operations capabilities, and monitor and manage security events, alerts, and logs, including a periodic review of firewall rules and exceptions.
• Understand, review, and enhance data management and data classification used within the organization.
• Stays up to date on developments in IT security, standards and threats, including participating in trade groups and conferences as needed.

Risk Management

• Manage the tracking and resolution of internal audit and examination findings related to IT, information security and risk.
• Monitor information security trends, threats, and developments and coordinating organizational efforts in response or reaction to those trends and threats.
• Collaborate with business units to provide input and help steer ongoing program improvements, strategic direction, and continuous information security improvement measures.
• Maintain and effectively utilize the Credit Union’s Risk Management Software Solutions to remediate issues and mitigate risk.
• Performs related and unrelated duties as may be required

Cognitive Requirements:

High levels of cognitive abilities are necessary to perform this job. Includes, but is not limited to: advise, counsel, communicate thoughts clearly (in writing and verbally), detect detail, diagnose problems, teach, interpret, use judgement, remember short- and long-term information, research, organize and prioritize.

Physical Requirements:

The physical demands are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform essential functions.

Knowledge and Experience:

• 5 years of proven experience in information security, risk, and/or audit areas in a financial institution
• Bachelor’s degree and relevant information security certification preferred (CISM, CISSP, Security )
• Strong understanding of security frameworks (GLBA, FFIEC, NIST), standards and best practices
• Demonstrated knowledge of financial institution operations, technology applications, and security technologies and tools
• Strong problem-solving and decision-making abilities
• Effective communicator, relationship builder, and advocate for sound risk mitigation practice
• Strong organizational skills

Working at Millbury Federal Credit Union

MCU places strong emphasis on providing quality service to our members and you! MCU offers a family - friendly working environment and outstanding benefits which include competitive salary, vacation, sick and personal paid time off, health, dental, vision, life and disability insurance as well as tuition assistance and 401(k) retirement plan. We offer a respectful and inclusive workplace where everyone is given the opportunity for personal and professional growth.

We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.

To express interest in and be considered for a position, please provide your background information and work experience by completing the online employment application and attaching your resume & cover letter. Website: www.millburycu.com

EEO / AA Employer