Information Security Officer

Position Description: Information Security Officer

Reports to: Chief Information Officer

Grade Level: 16

Full Salary Range: $116,888.51 – $175,332.77

Hiring Salary Range: $116,888.51 – $146,110.64

Primary Responsibilities:

The Information Security Officer (ISO) role leads and executes our cybersecurity strategy. As a key member of the leadership team reporting directly to the CIO, the ISO will be both a strategist and an active participant in day-to-day security operations. The ISO will drive the design and continuous improvement of the credit union’s information security posture while personally engaging in critical security tasks and incident response. The role requires a balance of policy and procedure development and direct technical execution to safeguard the organization and ensure compliance with evolving regulatory and threat landscapes.

Duties and Responsibilities:

• Continually renew, implement, and maintain the credit union’s information security program, aligning with business goals and regulatory standards
• Perform regular risk assessments, vulnerability scans, and security audits; directly analyze results and follow up with mitigation strategies
• Actively monitor security systems, respond to incidents, and lead investigations from detection to resolution
• Collaborate with IT teams and business units to securely integrate new technologies and processes
• Develop and deliver information security training and awareness programs across all staff levels
• Provide strategic guidance to the CIO and executive leadership on risk posture, emerging threats, and security investments
• Research, review, and propose new solutions related to information security and participate in the budgetary process
• Manage vendor and third-party risk through assessments and security reviews
• Serve as the primary liaison during regulatory exams, audits, and cybersecurity assessments
• Attend information security conferences and network with peers to learn how others are reducing security friction for staff and members
• Stay hands-on with industry tools and technologies while continuously evolving the strategic vision for security at the credit union
• Perform all other duties as assigned.

Qualifications:

Education and Experience

• Bachelor’s degree in Information Security, Cybersecurity, Information Technology, or related field (Master’s degree and/or certifications such as CISSP, CISM, or CRISC preferred)
• 7+ years of experience in IT security roles, with at least 3 years in a leadership or managerial capacity
• 4+ years of experience managing information security in Microsoft Azure and M365
• 4+ years of experience configuring and using vulnerability scanning systems
• Experience designing and managing an enterprise-wide information security program
• Strong knowledge of federal and state compliance regulations relevant to financial institutions (e.g., NCUA, OCC, FDIC, GLBA, FFIEC)
• Demonstrated ability to balance technical execution with long-term strategic planning
• Effective communicator with the ability to translate complex security topics into actionable guidance for both technical and non-technical stakeholders

Skills and Competencies

• Proven ability to lead and develop technical teams across multiple functions.
• Extensive knowledge of IT compliance standards, cybersecurity frameworks, and operational risk management.
• Excellent problem-solving, issue resolution, and project management skills.
• Strong communication skills, including the ability to express the severity of a situation while maintaining respect for the individual.
• Ability to prioritize and manage multiple competing demands in a dynamic environment.

Benefits

• Health, Vision, Dental Insurance
• Long-term Disability Insurance
• Critical Illness
• Life Insurance
• 401(k) match
• Profit sharing
• PTO
• Flexible Spending Account
• Tuition Reimbursement
• Pet Insurance
• Commuter Benefit

While performing the duties of this job, the employee is frequently required to sit, view information on a computer screen, and talk or hear. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Monday - Friday from 8:00am to 4:30pm