The Opportunity We are seeking a talented Deputy Chief Information Security Officer to serve as the senior team member who designs, creates and continuously improves InfoSec processes including but not limited to InfoSec policies/standards, enterprise risk assessments and metrics.
Additionally, this role is the backup to the Chief Information Security Officer (CISO) in customer inquiries, incidents and other circumstances where the CISO is not available as the primary point of contact between the business units.
The incumbent will be involved in the implementation of new projects and providing guidance to the business units regarding business unit specific requirements around information security.
This role is also responsible for identifying current and emerging information security and compliance requirements of the organization and coordinating the implementation of solutions that address these requirements.This position is fully-remote.
That means we are open to talent across the country and the person in this position will be able to continue working remotely even after we transition back into our physical office locations.
What You Can Look Forward to Manage and provide support to staff, delegating when opportunity arises.Team building by involving others in planning, enabling staff to make decisions.Recognition/celebration for accomplishments.Provide employee performance planning, counseling and evaluations.Set clear performance expectations and goals.Monitor and evaluate employee progress.Manages operational and tactical activities and individuals in support of Information Security program.Develops frameworks, supporting processes and act as senior consultant for InfoSec policies, standards, metrics and project/vendor risk assessments.Keeps current on emerging business needs and security threats and identifying solutions that address those needs.Serves as an information security expert and trusted advisor to partners in IT and the business.Develops an understanding of business goals and reframes risk discussions in simple solutions that are understandable at all levels of the organization.Constructively engages business partners regarding information security issues.Actively and professionally engages business partners in conversations that drive good risk decisions.Provides a different view of the world to business partners by translating emerging IT and business trends into meaningful risks and opportunities.Educates business partners on the risk implications of critical decisions by combining empirical analysis with expert judgment to assess business decisions.Creates constructive tension between Security and the business by being a facilitator of constructive disagreement when applicable and provide insight to pressure test ideas.Challenges business partners’ assumptions about value drivers and presents alternate assumptions.Reshapes business partners’ preconceived notions of success where appropriate.Supports 24/7 incident response processes as needed.Regular and reliable attendance.Responsible for reporting risks that are identified to the appropriate team and/or management.
Additionally, responsible for managing, monitoring and reporting risks within the scope of your work area, to include, but not limited to Information Security risks.Actively supports our CO-OP culture and embraces our core values of Work as Partners, Communicate Openly and Honestly, Demonstrate Excellence and Champion Change in all interactions.
What You’ll Need to Succeed BS or MA in Computer Science, Information Security, or a related field (e.G., IT Audit, Enterprise Risk Management, etc.).10 years of experience in information security.5 years of experience with regulatory compliance and information security management frameworks (e.G., IS027000, FFIEC, PCI, etc.).Information Technology concepts such as Operating Systems, programming languages, networking and databases.Information Security technologies such as NIDS, DLP, Firewalls, Antimalware at the conceptual level.Experience building streamlined processes around governance (policies/standards), metrics and enterprise risk assessments.An understanding of the impact of emerging business and end-user technologies have on information security requirements and architecture.An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business.Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.Demonstrated technical expertise in existing security and IT systems and an ability to keep pace with changing security and IT technologies.Strong interpersonal skills, with an emphasis on the ability to effectively influence others.A team-focused mentality with the proven ability to work effectively with diverse stakeholders.An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and actionable manner.Aptitude for understanding internal organizational environments and their relationship to the external business environment.Ability to develop a full and deep understanding of the business operations.Developed understanding of how business initiatives create value and risk for organizations.Strong ability to convey complex information risk and security issues in a manner that is easily understood and actionable and constructively challenges prevailing thoughts and processes.Able to consistently, effectively defend ideas and solutions.Adept at improving outcomes through proactive team coaching and development.Demonstrates an ability to construct, challenge, and manage choices.Effectively manage projects, prioritize time and communicate adjustments as to management and stakeholders.Able to effectively analyze risk within the context of business problems.MA/MS in Computer Science, Information Security, or a related field (e.G., IT Audit, Enterprise Risk Management, etc.) is a plus.15 years of experience in information security, especially in a security architect role is a plus.10 years of experience with regulatory compliance and information security management frameworks (e.G., IS027000, FFIEC, PCI, etc.) preferred.Financial services knowledge preferred.
Why Join CO-OP?
CO-OP is committed to fostering a workplace where every employee feels valued, respected, and connected.
We are dedicated to understanding, attracting and engaging a diverse workforce; ensuring that our employee base reflects the consumers we serve; cultivating a workplacein which every employee can live up to their full potential.
The result of this effort is an inclusive environment where diverse talent thrives.
You will be part of an organization that focuses on a strong culture and embodies the credit union movement philosophy of People Helping People.
CO-OP’s commitment to reflecting our own core values and purpose extends beyond how we serve our clients and the products that we deliver.With more than 35 years of industry leadership, CO-OP Financial Services is the largest, most comprehensive credit union service organization in the nation.
CO-OP serves as THE credit union technology engine, bringing payments solutions, engagement services and strategic counsel to help credit unions optimize member experiences to consistently provide seamless, personalized multi-channel offerings, while delivering secure, sophisticated fraud mitigation service.CO-OP serves more than 3,000 client credit unions, with 60 million debit and credit cardholders, nearly 30,000 surcharge-free ATMs and more than 5,600 shared branches nationwide.
Our vast technological ecosystem facilitates more than 6.5 billion transactions every year and equips credit unions of all sizes to deepen member engagement and prosper in the fast-paced world of fintech.
The Perks Fun, challenging and, collaborative work environment with passionate colleagues that care deeply about the intersection of technology and human-centered financial services.Great Work/Life Benefits – Paid Time Off (PTO), Maternity, Parental, Family Care, Adoption Leave Programs, Community Volunteer Time Off, and 10 Paid Holidays.Health benefits – medical, dental, & vision plus wellness programs and gym reimbursements.401K with generous company match.Tuition reimbursement.