Vice President Information Security & Data Privacy

Lensa is a career site that helps job seekers find great jobs in the US. We are not a staffing firm or agency. Lensa does not hire directly for these jobs, but promotes jobs on LinkedIn on behalf of its direct clients, recruitment ad agencies, and marketing partners. Lensa partners with DirectEmployers to promote this job for Financial Partners Credit Union. Clicking "Apply Now" or "Read more" on Lensa redirects you to the job board/employer site. Any information collected there is subject to their terms and privacy notice.

#1644

Costa Mesa, CA, USA

Pay Range

$194,695.80 - $324,493.00

Position Type

Full Time

Job Description

Financial Partners Credit Union is seeking a Vice President of Information Security & Data Privacy to join our fast-growing IT Infrastructure team in developing and executing the credit union’s information security, data privacy and cyber risk strategy. Reporting to the Chief Operation Officer and working closely with the Chief Information Officer, Information Security Steering Committee and Executive Management Team, the VP ensures the protection of data, systems, applications, and infrastructure across the enterprise.

What You’ll Do/Requirements

• Perform Tier-1 tasks on Information Security technologies, to maintain and manage annual updates and revision to security and privacy policies
• Evaluate business activities (e.g. investments, assets, processes) to assess compliance risk to NIST CSF and Credit Union standards
• Participate in building or maintaining Fraud Detection processes, including technology
• Partner with IT, Risk and Legal to ensure secure development, infrastructure, and operations
• Provide or coordinate with internal and external audit to advise on and remediate all gaps from reviews, audits, policies, procedures and practices as it aligns to information security and data privacy
• Develop and implement an effective ISMS (Information Security Management System) and Data Privacy compliance program
• Support and maintain ISMS, NIST CSF Framework, GDPR, CCPA (and additional states or country privacy laws), PCI-DSS internal controls and monitor adherence to them
• Proactively document and review processes, practices and documents to identify weaknesses and risks
• Identify and evaluate the organization’s data processing activities for PCI-DSS
• Conduct annual Data Protection Impact Assessments (DPIAs)
• Participate in annual Business Continuity/Disaster Recovery and Incident management testing to written plans
• Manage Incident and Privacy breaches, incidents and potential incidents, including reviews of flaw remediation
• Arrange or conduct training on Data Privacy and Security Awareness compliance training for employees and contractors (including vendors where not aligned or provided)
• Build and lead executive-level communications on security posture, emerging threats, and strategic initiatives
• Ability and experience communicating to external auditors
  
  

What We Are Looking For/Requests

• Bachelor’s degree in Computer Science, Computer Information Systems, or any relevant Business degree with additional technical & security related certifications
• 5 years' senior leadership experience as a Information Security, Compliance Officer or Compliance Manager
• 5 years’ experience in Linux, Windows and Cloud (Microsoft, Google, AWS) technologies, as well as security tools (IDS/IPS, DLP, SIEM, EDR/MDR, Firewall)
• Knowledge of various security methodologies and processes, and technical security solutions
• Solid knowledge of Data Privacy and data protection laws
• Familiarity with physical security systems and controls
• Ability to handle and classify confidential and restricted information
  
  

Nice To Haves/Enhancements

• Bachelor's degree in one of the following:
• Information Systems
• Computer Science
• Information Technology
• Management Information Systems (MIS)
• Cybersecurity
• CISA certification, Network Security certification or relevant InfoSec certifications
• Agile experience
• Experience championing a security program
• Professional certification (e.g. Compliance & Ethics Professional, Leadership ) is a plus
• Broad yet mostly expert understanding of information security and the application of controls across a diverse infrastructure and management organization
• Excellent planning, organizational, written and verbal communication skills
• Self-starter capabilities with the ability to work with independently to drive results
  
  

The pay range for this position is listed above. Our pay ranges are designed to allow for candidates with various levels of experience and skill to be considered, and to allow room for growth to be achieved in a role over time. Generally, new hire salary offers fall within the minimum to midpoint of a pay range for many candidates. Any offer extended to a candidate will be based upon their individual combination of experience, knowledge, skills, and education as well as internal equity.

Financial Partners Credit Union is an equal opportunity employer and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

If you have questions about this posting, please contact support@lensa.com