|
Formed in 1934, Telhio began as a credit union for Columbus Telephone Company (now AT&T) employees. Telhio now serves over 70,000 member-owners throughout central and southwest Ohio. As one of the largest credit unions in Ohio, Telhio is a strong financial institution that continues to serve its members through extraordinary service, innovative financial solutions and community involvement. After generations of service and growth, we never lose focus of our three core values - Caring, Commitment, and Integrity.
The VP of Information Security will be responsible for leading Telhio's security and data privacy/compliance initiatives. This role will be strategic in determining how we grow our technological footprint and continue to safeguard our member's data while ensuring their trust long-term. This is a high-impact leadership position.
What you will do:
Strategy, Planning & Leadership:
- Develop an information security vision and strategy that is aligned to organizational priorities.
- Participate in strategic and operational governance processes.
- Lead strategic information security planning to achieve business goals by prioritizing initiatives and coordinating the evaluation, deployment, and management of current and future technologies using a risk-based assessment methodology.
- Provide regular reporting on the status of the information security program to a variety of audiences including senior management and the board of directors.
- Develop, implement, maintain, and oversee enforcement of policies, procedures, and associated plans for system security administration and user system access based on industry-standard best practices and regulatory requirements.
- Manage the budget for the information security function, monitoring and reporting discrepancies.
- Manage the information security organization, including hiring, development, retention and performance management
Acquisition & Deployment:
- Define and communicate plans, procedures, policies, and standards for the organization for acquiring, implementing, and operating new security systems, equipment, software, and other technologies.
- Participate in feasibility studies and conduct risk assessments for software and systems under consideration for purchase and make recommendations.
- Ensure that any new software and integration into company systems meets security requirements.
Operational Management:
- Act as advocate and primary liaison for the credit union's information security vision via regular communications with the senior leadership, department heads, and employees.
- Create a risk-based process for the assessment and mitigation of any information security risk in the ecosystem consisting of supply chain partners, vendors, consumers and any other third parties.
- Work closely with the other departments on corporate technology development to fully secure information, computer, network, and processing systems.
- Develop, track, and control the security services annual operating and capital budgets for purchasing, staffing, and operations.
- Recommend and implement changes in security policies and practices in accordance with changes in local or federal law.
- Manage and contain information security incidents and events to protect corporate IT assets, intellectual property, regulated data and the credit union's reputation.
- Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.
- Develop and oversee effective disaster recovery policies and standards to align with the enterprise business continuity management program goals.
- Coordinate the development of implementation of incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event; provides direction, support and in-house consulting in these areas.
- Facilitate and support the development of asset inventories.
- Collaborate with the Chief Information Officer, Business Technology Leadership, Enterprise Risk Management, and HR to establish and maintain processes for ensuring that information security and privacy policies are met.
- Promote and oversee strategic security relationships between internal resources and external entities, including government, vendors, and partner organizations.
- Remain informed on trends and issues in cybersecurity, including current and emerging technologies and threats. Advise, counsel, and educate executive and management teams on their relative importance and organizational impact.
What you will need:
- Bachelor's Degree in Computer Science or Business Administration (preferred)
- 10+ years Leadership role in Information Security (Required)
- 4-6 years Financial Services Industry (Banking, Credit Union) in Information Security or Risk Management role (Preferred)
- Knowledge of common information security management frameworks, such as NIST 800-53 and Cybersecurity Framework, ITIL, COBIT (Required)
- One or more of the following: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) (Required)
What you will earn:
- Competitive salary
- Opportunity to earn incentive and bonus
- Benefits: medical, dental, vision, life and disability insurance
- 6% matching and immediately vested 401(k) plan
- Paid holidays, vacation and personal time
- Opportunity for personal career growth, continued education and mentorship programs
- Volunteer opportunities impacting the local community
Physical Demands
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
While performing the duties of this job, you will need to have good manual dexterity as well as speaking and hearing ability. This position requires sitting; some reaching; standing; some stooping or kneeling. The employee must occasionally lift and move up to 50 pounds. It is expected that the employee will read, compile, compute and record numerical and statistical data. Must drive occasionally.
This is a Non-Collective Bargaining Unit.
Telhio is an Equal Opportunity Employer.
|
