EVP - Director - Chief Security Officer

EVP - Director - Chief Security Officer page is loaded## EVP - Director - Chief Security Officer locations:
Operations - Raleigh - Creedmoor Rdtime type:
Full time posted on:
Posted Todayjob requisition :
JR-14342
** If you are motivated and believe in the credit union philosophy of "People Helping People," join our team!
***
* Position Overview:

** The Chief Security Officer is responsible for establishing and leading the enterprise-wide information security and cyber risk strategy. This role ensures the confidentiality, integrity, and availability of the institution’s data, systems, and technology assets while enabling business growth and maintaining compliance with regulatory requirements.
*
* Essential Responsibilities:

**•    **(15 %)
** Strategic Leadership  o    Develop and execute a comprehensive information and physical security strategy aligned with business objectives and regulatory expectations.  o    Provide executive level guidance on cyber risk, resilience, and emerging threats to senior leadership and the board.
o    Champion a culture of security awareness across the enterprise.•   **(5 %)
** Governance and Risk Management  o    Establish and oversee enterprise-wide security governance frameworks, policies, and standards.  o    Lead risk assessments and development of key risk and performance indicators for cyber related processes.  o    Ensure compliance with financial industry regulations (e.g., FFIEC, GLBA) and evolving cybersecurity mandates.•   **(25 %)
** Security Operations and Technology  o    Direct the design, implementation, and monitoring of security controls across networks, applications, cloud environments, and data assets.  o    Direct the design, implementation, and monitoring of physical security at branches and operations centers; and oversees executive protection program.
o    Oversee incident response, digital forensics, and crisis management programs related to cyber and physical security events.  o    Drive adoption of modern security technologies, automation, and analytics to enhance detection and response capabilities.•    **(25 %)
** Identity and Access Management  o    Ensure robust identity governance, privileged access management and zero trust architecture principles.
o    Align IAM strategy with customer experience, fraud prevention, and regulatory requirements.•    **(30 %)
** Collaboration and Stakeholder Engagement  o    Partner with IT, Risk, Compliance, and business lines to embed security into digital transformation.
o    Liaison and interact with regulators, auditors, and external partners on cybersecurity matters.
o    Communicate complex technical risks in clear actionable terms for non-technical stakeholders.
** Required Education & Experience (Knowledge, Skills, & Abilities):*
* • Bachelor’s degree in computer science, information security, or related field.  
• CISSP or CISM (if applicable)  
• 10 - 15 years in information security, risk management, or technology leadership.  
• Experience interacting directly with state and federal regulators  
• Enterprise-wide strategy development  
• Prioritizing initiatives based on business impact and risk mitigation   
• Budget and resource management   
• Experience in regulated sectors with a deep understanding of compliance, governance and risk management  
• Cybersecurity operations, Current and emerging threat factors  
• Identity and Access Management  
• Data governance and privacy  
• Knowledge and understanding of relevant legal and regulatory requirements, such as FFIEC IT Guidance, Payments Card Industry Standards, and Privacy Law(s).  
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework  
• Key cyber security and data protection regulations  
• Market specific threats and trends  
• Cybersecurity role in digital transformation  
• Sound knowledge of business management and a working knowledge of cybersecurity risk management and cybersecurity technologies  
• Experience presenting to a board of directors  
• Participation in governance structures such risk, project and IT steering committees   
•…