Information Security Manager
Company: Michigan State University Federal Credit Union
Location: East Lansing
Posted on: November 4, 2018
Who we are:
MSUFCU has a national reputation for excellence and has received several top industry and workplace awards. For the sixth year in a row, MSUFCU was named as a Top Workplace in the large employer category by the Detroit Free Press. This year, it was also recognized as one of CU Journal's Best Credit Unions to Work For, a Best Workplace for Women by Fortune Magazine, and Outstanding Credit Union of the Year by the Michigan Credit Union League. MSUFCU has also been nationally recognized for its financial education initiatives, ranking first in Michigan and second in the nation for the 2017 Alphonse Desjardins Adult Financial Education award by the Credit Union National Association. Founded in 1937 by MSU faculty and staff, MSUFCU has 18 branches, over 260,000 members, more than $4 billion in assets, and 875 employees.
A day in the life of an Information Security Manager
The Information Security Manager reports to the Chief Information Security Officer and provides technical leadership, expertise, and direction to the Information Security team. The manager works with credit union staff to design and implement Information Technology data and security systems. This position develops and performs Information Technology risk and security assessments to ensure the protection of credit union technology assets and compliance with applicable laws and industry regulations. This position also provides proactive operational responsibility for Information Security incident prevention, detection, and remediation. The Information Security Manager is responsible for the supervision of the Information Security staff including selection, training, coaching, mentoring, evaluation and compensation as well as the efficient, effective operation of the Information Security department in accordance with established policies and procedures and credit union strategic goals and mission.
- Responsible for ensuring the confidentiality, integrity, and availability of member data and applications across the credit union.
- Responsible for mentoring and fostering the overall development of the Information Security team employees, including; training and ongoing development, coaching, selection and hiring process, and also the promotion and performance evaluation of the Information Security team employees.
- Manage day-to-day operations of the Information Security team including; staffing, scheduling, and ensuring employees meet their annual training requirements and goals as well as day to day security support and problem resolution requests from throughout the credit union.
- Oversee all Information Security projects ensuring that all implementations follow established credit union practices and change management.
- Oversee the team's triage process, ensuring timely communication and completion of support tickets and maintenance projects.
- Lead team meetings and conduct written and/or verbal presentations to department, management, and credit union staff.
- Oversee the research and analysis of designated security systems, and coordinate the feasibility, cost justification, selection, and purchase of said systems.
- Review credit union vendor contracts for security compliance and performs vendor due diligence as prescribed by credit union policy.
- Develop and maintains the credit union's Information Security program, which includes the creation and maintenance of security policies, standards, and procedures.
- Initiate, facilitate, and promote activities to create Information Security awareness within the organization.
- Work with internal and external auditors and examiners to ensure compliance with regulations, laws, and established standards and procedures.
- Perform technology risk assessments on credit union information systems and business processes, both independently and in collaboration with the Risk Management team.
- Research, recommend, and implement risk mitigation strategies that are aligned with business goals and objectives.
- Ensure that the credit union is conforming to Information Security best practice standards.
- Develop, maintain, and review the credit union's incident response plan outlining specific courses of action that will be taken if network resources or member data have been compromised.
- Coordinate technical staff across multiple teams in response to Information Security incidents.
- Assist in the ongoing development and testing of all IT disaster recovery procedures.
- Participate in the ongoing development and testing of the credit union's Business Continuity program.
- Assist in the ongoing design and implementation of the credit union's Information Technology systems and network security solutions in a complex enterprise computing environment.
- Provide guidance and direction to other management and staff for special system capabilities or problems and resolutions.
- Participate in training activities within the department/branches/human resources, as well as training outside the department; such training helps to ensure staff compliance with credit union policies and state and federal regulations and laws.
- Perform other duties and assist other employees, as assigned.
What you can bring to MSUFCU:
- A bachelor's degree or actively pursuing a bachelor's degree from an accredited college or university with concentration in Computer Science or related field is required.
- Five years of information technology management experience.
- One or more of the following certifications: CISM, CISA, CISSP, or other accredited certification that demonstrates expert knowledge in Information Security program development, design, and management, and that requires continuing education credits to maintain certification.
- Must be able to communicate with members, staff, vendors, and individuals in the community in a professional manner. This will require excellent written, verbal, and interpersonal communication skills along with the ability to present and explain information effectively for non-technically inclined individuals.
- In depth understanding of computers, networks and the internet, including internet and network communication protocols, standards and Information Security, network security engineering, enterprise data networking, worldwide security threats, common exploits, etc. and their potential effect on the credit union's information technology and member data assets.
- Ability to read and understand complex computer system documentation.
- Knowledge of overall credit union operations.
- Ability to use good judgment to solve problems efficiently and accurately and handle complex details.
- Ability to work with a high degree of independence, yet also maintain professional and effective working relationships with team members, vendors, auditors and examiners.
- Must have proven project management skills with projects of varying complexity and experience.
- Multi-task orientation to handle a number of projects at once while remaining flexible to changing requirements and priorities.
- Ability to meet deadlines in a timely manner and collaborate effectively in teams with all levels of the organization.
- Must be available outside of normal business hours to assist in recovery in the event of a failure or outage of a critical credit union system.
Keywords: Michigan State University Federal Credit Union, East Lansing , Information Security Manager, Executive , East Lansing, Michigan
Didn't find what you're looking for? Search again!