Mgr Info Security Programs (Vinton)

Compensation

: $93,040.00 - $200,830.00 /year *

Employment Type

: Full-Time

Industry

: Information Technology



Loading some great jobs for you...





Job Description

Employee Perks

Why You Will Love Being Part of the Navy Federal Team:

*Competitive compensation with opportunities for annual raises, promotions, and bonus potential
*Best-in-Class Benefits! (7% 401k match / Pension plan / Tuition reimbursement / Great insurance options)
*On-site amenities include fitness center, wellness center, cafeteria, etc. at Pensacola, FL; Vienna, VA and Winchester, VAcampuses
*Consistently Awarded Top Workplace
*Nationally recognized training department by TRAINING Magazine
*An employee-focused, diverse, and service-oriented workplace environment

Basic Purpose

To plan, direct and manage the analysis of Information Security risk management programs to effectively protect information systems assets and enable safe implementation of Navy Federal processes, products and services. Provide subject matter expertise and guidance to senior management and functional areas for the protection of information systems assets. Supervise the development of Information Security awareness campaigns and training. #dice

Responsibilities

Plan, identify, develop and manage the analysis of enterprise information security risk exposure associated with current and new business processes
Lead cross-disciplinary teams to identify and assess information security risks for Navy Federal information systems and networks
Lead the assessment of enterprise risk focusing on security control and protection of member and employee Personal Identifiable Information (PII)
Partner with key stakeholders to plan and develop remediation plans to address outstanding control gaps and areas of noncompliance
Ensure compliance with all regulatory agency regulations and applicable federal, state, and local laws to minimize risk
Report to senior Security management regarding Navy Federal's Information Security posture and the status of remediation efforts to address control gaps and resolve areas of noncompliance
Manage the Information Security Risk Register containing records of the outstanding control gaps, and areas of noncompliance with Information Security Instructions and Standards
Assist in leading the planning, scheduling, budgeting, and resourcing of the Security Controls Improvement Program, Data Security Risk Mitigation Program and other projects focused on remediation of outstanding control gaps and areas of noncompliance
Oversee Service Provider reviews performed on third parties with whom Navy Federal is considering doing business, and existing third parties with an established working relationship
Evaluate controls of the service providers to ensure consistency with Navy Federal standards and do not introduce a level of risk not compatible with Navy Federals risk appetite
Manage the development and execution of service provider reviews to include clearly defined timelines and expectations with third party vendors to ensure adequate documentation is obtained for research and analysis
Collaborate and build relationships with Procurement and business units with established relationships with the
service provider; document and report on issues identified; communicate with stakeholders to determine if relationship should be pursued/continued
Manage development and implementation of information system security policies, practices and standards
Manage development of and implementation of information security education awareness training for members, employees, and contractors.
Collaborate with leadership of other Information Security teams to ensure coordination and alignment with Information Securitys strategic direction.
Perform supervisory/managerial responsibilities
- Ensure adequate/skilled staffing; select employees
- Establish performance goals and priorities
- Prepare, conduct, and review performance appraisals
- Develop, mentor and counsel staff
- Provide input and/or prepare budget requirements for Annual Financial Plan (AFP)
- Ensure section/branch goals and objectives align with division/department strategy
- Ensure efficiency of operations
- Leadership Level
Performs other related duties as assigned

Qualifications

Bachelors degree in Computer Science, Information Security, related fields or equivalent experience
Significant experience with information security processes, concepts, principles, and methodologies
Significant experience in Security policy and procedure development
Significant experience in vendor risk management and oversight
Significant experience in performing Risk Assessments
Significant experience in working with all levels of staff, management, stakeholders, vendors
Extensive experience in developing and maintaining enterprise risk programs focusing on information security
Extensive experience in auditing principles and frameworks such as COSO, Cobit 4.1 and NIST and SANS
Advanced knowledge of NCUA,FFIEC, GLBA, ISO 27001/27002,SANS20, PCI DSS and other Information security requirements and frameworks
Advanced knowledge of at least one industry-leading risk management framework
Effective skill in results-oriented leadership in a challenging environment Advanced skill building effective relationships through rapport, trust, diplomacy and tact
Ability to translate complex information security topics and threats into easily understood terms that can be incorporated into business requirements
Advanced verbal and written skills
Advanced organizational, planning and time management skills
Advanced skill in producing desired results to achieve goals and objectives
Advanced research, analysis and problem solving skills
Effective skill in results-oriented leadership in a challenging environment
Desired Knowledge of Navy Federals mission, objectives, functions and policies
Desired Experience in the financial services industry with a focus on information security and information technology
Desired Knowledge of information security risks and countermeasures
Desired Professional certification in the information security sector (CRISC, CISM, CISSP)
Desired Experience in audit / information security assessment

Hours : Monday - Friday, 8:00am - 4:30pm

Location : 820 Follin Lane SE, Vienna, VA 22180

Equal Employment Opportunity

Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/Disability


Disclaimer

Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need.


Bank Secrecy Act

Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.


Associated topics: chief program officer, cpo, manage, manager, management, monitor, product manager, project manager, relationship manager, task * The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.

Launch your career - Create your profile now!

Create your Profile

Loading some great jobs for you...