Chief Information Security Officer

Michigan State Univerity Federal Credit Union's mission is to provide superior service while assisting members and employees to achieve financial security, their goals, and ultimately, their dreams.

* Develop, implement, and communicate information security strategies, policies, standards, and procedures that support the Credit Union’s overall goals and strategic plans. * Provide leadership and direction to instill practices that keep member and organizational data secure. Ensure confidentiality and security of Credit Union data, proprietary information, and intellectual property. * Collaborate with CIO and Information Technology management to strategize change management, implementation of best practices, staff development, system changes, adherence to standards and procedures, etc. * Oversee performance of routine, recurring security reviews and risk assessments to evaluate controls, processes and procedures, standards, and adherence to security policies. Supply metrics and summaries of these reviews and provide guidance and direction to management and employees for any findings. * Respond to and take corrective action for all internal audit, third party audit, and NCUA examination findings. * Oversee Information Security awareness education strategies for Credit Union employees and provide assistance and support to business units delivering Information Security education to members. * Responsible for developing proactive approaches to information security, keeping current with existing and emerging threats, and providing relevant education and guidance to Credit Union management and employees. Recognize new developments in information security systems technology and anticipate organizational implications and required changes. * Responsible for the supervision and overall development of the Security team employees, including; hiring, workforce planning, career development, training, coaching, performance evaluations and promotions or terminations. * Lead team meetings and conduct written and/or verbal presentations to department, management, Credit Union staff, and board of directors. * Oversee the proper allocation of team resources to achieve project objectives; evaluating appropriate workload and variety of projects. Analyze metrics and usage of systems to monitor service and risk levels and trends, determine future projects and staffing needs, and overall evaluation of team performance and efficiency. * Oversees the research and analysis of technology hardware and software systems as relevant to the Security team, and coordinates the feasibility, cost justification, selection, and purchase of said systems. Reviews and negotiates Security team vendor contracts for competitiveness and performs vendor due diligence as prescribed by Credit Union policy. * Contribute to community involvement efforts by volunteering to represent the Credit Union at such activities or serve on boards as appropriate. * Follows up on any adverse trends in absenteeism, tardiness, or other employee performance issues. * Participate in training activities within department and with the learning and talent development department; such training helps to ensure staff compliance with credit union policies and state and federal regulations and laws. * Perform other duties and assist other employees, as assigned.

**Knowledge, Skills, and Abilities Required** * Must be able to communicate with members, staff, and individuals in the community in a professional manner. This will require excellent written, verbal, and interpersonal communication skills along with the ability to present and explain information effectively for non-technically inclined individuals. * A level of technical knowledge and experience normally acquired through completion of a four-year program in computer science, information systems, or related field. A bachelor’s degree in computer science, technology, or business related fields at an accredited college or university is preferred. * Five years of Information Technology work experience with progressive responsibilities and two or more years in a supervisory capacity. * Advanced understanding of Information Security with relevant work experience and/or relevant education and certifications. * Experience with SIEM and DLP products, creating, implementing, and maintaining security policies, and working in or supporting an incident response team is preferred. * Knowledge of the financial services industry preferred. * Work requires the ability to understand complex computer, security, and network system operations. * Requires an analytical mind and strong problem solving skills with experience in root cause analysis. * Must have proven project management skills with projects of varying complexity and experience. * Must be able to attend conferences, seminars, and training sessions out of the area. * Must be available outside of normal business hours to assist in an emergency, a recovery in the event of a failure or outage, etc. of a critical Credit Union system. * Must be multi-task orientated to meet aggressive deadlines and handle multiple and complex projects at once while remaining flexible to changing requirements and priorities. * Must be able to work independently, take initiative, and coordinate across organizational boundaries to identify information security and technology needs and implement solutions that fulfill them.