We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
TDECU jobs

Director - Information Security

TDECU
United States, Texas, Sugar Land
Jan 16, 2025

Position Title: Director - Information Security

Reporting Manager: VP -Enterprise Infrastructure and IT Security

Essential Duties and Responsibilities:

  • Directs and oversees the development and maintenance of information security architecture patterns in alignment with the greater enterprise strategy that enables the enterprise information security program.
  • Monitors regulatory environment for emerging requirements that will affect the Credit Union's information security program and initiatives.
  • Protects digital assets by developing security programs and by managing threats to the organizations most critical assets and data
  • Evangelizes key security initiatives to gain buy-in from C-Level and other business leaders throughout the organization
  • Aligns business objectives with security objectives by combining people, processes and technology
  • Identifies the appropriate resources needed to advance the security program and presents business case to Leadership to gain support.
  • Actively qualifies and quantifies cyber-risk in business terms that accurately reflects the overall risk position of the TDECU board and its members. Leverages the risk assessment to inform strategy and tactics.
  • Monitors changes in business, technology, and threat environments to identify and develop strategies for addressing new risks
  • Directs and oversees maintenance of programs to manage risks to the Bank's network, systems, and data from malware, network intrusion, and other threats. Assesses the risk associated with newly discovered vulnerabilities and directs the application of vendor-supplied patches to manage risk.
  • Identifies threats to the enterprise and determines the level of threats and the appropriate action(s) to take to avoid damages based on strategic NIST Cyber Framework adopted in security operations
  • Determines the level of reporting based on relevant metrics to track the health of the program based on events and incidents
  • Determines the tools needed to protect, detect and recover from security incidents and proposes the technology and process changes to leadership for implementation.
  • Reports and incidents to relevant stakeholders with a short-term approach to control current incidents as well as a strategic plan to prevent recurring incidents
  • Develops a comprehensive plan to attract, train and retain security professionals with the requisite skills and interest in pursuing a cybersecurity career at TDECU.
  • Develops a comprehensive plan to maintain the skill level of existing employees (and third-party service personnel) on a regular basis to evolve skill levels that coincide with the existing and emerging threat landscape that is relevant to the TDECU business and data assets
  • Monitors the threat landscape specifically to the credit union business vertical as well as those specific to TDECU and takes preventive action through a robust cyber-security awareness and education program and evangelizes the program to all employees and board members
  • Participates in the global information security community that monitors and explores all sources of information and leverages techniques and initiatives of other security executives by sharing experience and knowledge.
  • Evangelizes to all TDECU employees their critical role on the information security team as well as all members of the information technology teams that they are subject matter experts and their knowledge in critical to the overall success of securing member information
  • Develops and executes on communications independently or with enterprise communications resources the risk of a faltering information security program to employees, managers, business leaders and board members by effectively communicating that information security risk is a business risk
  • Continuously communicates his/her role as a thought leader is to clearly demonstrate a commitment to protecting the organization, its members, and the member's most private data
  • Develops relationships throughout the organization that nourishes a spirit of cooperation and partnership to help further the information security mission and charter
  • Actively participates in aligned Incident Response and Business Continuity Teams.

# of Direct Reports:

1

# of Indirect Reports:

5

Financial Responsibility: (Indicate type and amount of budget, sales volume, etc. for which this position is responsible)

$2.5 M

Applied = 0
MORE JOBS LIKE THIS

(web-776696b8bf-vd2jz)