Director of Cyber Security
3 weeks ago
Job Type
Full-time
Description
This is a remote position which may require minimal travel as needed for business needs (conferences, team/board meetings, etc.)
THE OPPORTUNITY
The Director of Cyber Security (DCS) assumes a pivotal role in safeguarding the organization's information systems and data from potential security threats and breaches. With a focus on proactive risk management, the DCS develops, oversees, and coordinates the organization's cyber and digital risk management program and policies, ensuring alignment with industry standards and regulatory requirements. The DCS is responsible for identifying, evaluating, mitigating, and reporting digital and cyber risks, thereby fostering a culture of proactive risk mitigation within the organization. The DCS will protect the organization from emerging threats and promote best practices in cybersecurity.
The DCS will collaborate with other departments to stay abreast of the latest cybersecurity trends and emerging threats. The DCS, in coordination with the internal IT department and CTO, will work towards enhancing security measures, promoting best practices, and conducting regular security assessments of vendors and solutions.
THE WORK ITSELF
Develop and maintainthe organization's digital risk and risk appetite framework and related processes to achieve the organization's short and long term strategic, technology and cybersecurity goals. This includes a strategic, comprehensive enterprise information security program to ensure the integrity, confidentiality, and availability of data.
Participatein strategic and long-range planning and the development of project plans, policies, procedures, and budgetary projections.
Provide regular and consistent reporting on the current status of the information security program to senior management and the board of directors.
Create and maintain a comprehensive set of corporate information security policies and standards. Continuously monitor information security controls, Key Risk Indicators (KRIs), Key Performance Indicators (KPIs), and the technical landscape.
Monitor the external threat environment for emerging threats and advise relevant stakeholders and the CEO on the appropriate course of action.
Develop a compliance and audit program to ensure the organization is in compliance with applicable cybersecurity laws, standards, frameworks, and regulations, as well as SOC 2/3 requirements. This may include regulations such as GDPR, PCI DSS, as well as industry standards like ISO 27001.
Implement effective Governance, Risk, and Compliance (GRC) controls and measures to protect systems and data.
Conduct and/or risk assessments to identify and prioritize cyber risks based on potential impact and likelihood of occurrence. This involves analyzing the organization's IT infrastructure, systems, and processes to identify vulnerabilities and threats.
Manage security incidents and events to protect corporate IT assets, company clients, including intellectual property, regulated data, and the company's reputation.
Develop and maintain incident response plans to effectively respond to and mitigate cybersecurity incidents. This involves coordinating with internal teams and external stakeholders to contain and remediate security breaches.
Work with business, internal IT, and third-party vendor teams to promote and adopt security best practices.
Validate IT infrastructure and reference architectures for security best practices and recommend enhancements.
Provide regular and consistent security awareness training and education to executive team on the relevant risks and changes in the cyber landscape.
Review monthly penetration tests and make recommendations to the CEO and CTO.
In coordination with the internal IT team, the DCS shall be involved in the management and coordination of audits with stakeholders and third parties.
Provide regular reports and updates to senior management and stakeholders on the organization's cyber risk posture, including identified risks, mitigation efforts, and compliance status.
Conduct Incident Response Drills that simulate a real-world cybersecurity incident and test the organization's preparedness, response procedures, and coordination among relevant teams and stakeholders.
THE SKILLS YOU BRING
The Must Haves...
Experience working in cyber security strategy, enterprise risk management, or information security.
Proven experience in monitoring and developing policies and procedures related to data or cyber security.
Ability to assist in audit and artifact collection and management in support of organization's SOC 2/3 certifications.
Experience with security technologies, including IDS/IPS, vulnerability testing, and firewalls is preferred.
Must have extensive knowledge of privacy and data protection laws, regulations, and best practices.
Enthusiasm, a collaborative work style, an inquisitive attitude, flexibility, creativity, a focus on excellence, and an overall "great-to-work-with" demeanor.
Excellent written and oral communications and cross functional project management skills required.
Must be a self-starter who is able to follow projects through to completion with little supervision and meet deadlines in a fast-paced environment.
Comprehensive understanding of information security and enterprise risk management.
Proficiency in computer programs (e.g. Microsoft Office, Excel, and PowerPoint).
The Nice To Haves...
Bachelor's degree in business, information technology, strategy, project management or related areas.
Strong relationship builder and communicator with experience in leading diverse work teams.
Experience working for a technology company that develops and sells software that stores and processes sensitive data is preferred.
THE PERKS WE OFFER
Competitive Pay : We know your value and we're not afraid to pay for it We offer a competitive total compensation plan including annual bonuses and a 5% contribution to your 401k.
Time Off : Besides our competitive paid time off package, team members receive paid holidays and time off to volunteer for causes that are important to them.
Benefits : We offer a comprehensive benefits package, including all the necessities such as medical, dental, and vision. Don't need health insurance? No problem An opt-out credit will be provided to you for waiving coverage.
Opportunity for you to make an impact on the people we serve We're all about people helping people
THE COMPANY ITSELF
CUSG is a credit union service organization offering leading edge products and services in the areas of Martech, HR Performance and Financial Empowerment. Our company's dedication to the credit union mission is reflected through service excellence to credit union clients, credit union system partners and credit union leagues spanning 48 states.
We are an equal opportunity employer committed to diversity in the workplace. We do not discriminate on the basis of race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or any other protected status. We welcome and encourage applications from all qualified individuals.
#J-18808-Ljbffr
-
Business Analyst 3
3 weeks ago
Lansing, United States Hudson Data Full timeJob Title: Business Analyst 3 - Cyber Security Location: Lansing, MI ( Hybrid ) Duration: Long Term 40 Hrs Job Description: Short Job Description The IT Business Analyst performs a complete range of assignments supporting the business and technical needs within the Cybersecurity and Infrastructure Protection area. The position performs a range of...
-
Business Analyst 3
3 days ago
Lansing, United States Hudson Data Full timeJob Title: Business Analyst 3 - Cyber Security Location: Lansing, MI ( Hybrid ) Duration: Long Term 40 Hrs Job Description: Short Job Description The IT Business Analyst performs a complete range of assignments supporting the business and technical needs within the Cybersecurity and Infrastructure Protection area. The position performs a range of...
-
Security Engineer
3 weeks ago
Lansing, United States The College Board Full timeTechnology Division, Cyber Security Operations Team 100% Remote (working EST) About the Team: The Cyber Security Operations team is critical to the strategic foundation of our products, most notably the secure delivery of our new Digital SAT and AP programs. We are a highly motivated group of cyber security experts who take a proactive approach to ensuring a...
-
Security Engineer
3 days ago
Lansing, United States The College Board Full timeTechnology Division, Cyber Security Operations Team 100% Remote (working EST) About the Team: The Cyber Security Operations team is critical to the strategic foundation of our products, most notably the secure delivery of our new Digital SAT and AP programs. We are a highly motivated group of cyber security experts who take a proactive approach to ensuring a...
-
Lansing, United States KSN Technologies, Inc. Full timeIT Security Analyst Lansing, MI Hybrid Locals to MI One Year Contract We are looking for candidates who can work on our W2. Top Skills & Years of Experience:6+ Years experience with IT security and auditing.EXPERT knowledge around NIST Controls and ability to perform risk assessments.Ability to coach/train other team members to help improve the process.Must...
-
Cyber Security Engineer
4 weeks ago
Lansing, United States Brooksource Full timeJob Description: As a Security Engineer specializing in SIEM (Security Information and Event Management) and Splunk, you will play a crucial role in safeguarding our organization's digital assets and ensuring the integrity of our IT infrastructure. Your primary responsibilities will revolve around managing and optimizing our SIEM platform, with a strong...
-
Cyber Security Engineer
2 days ago
Lansing, United States Brooksource Full timeJob Description: As a Security Engineer specializing in SIEM (Security Information and Event Management) and Splunk, you will play a crucial role in safeguarding our organization's digital assets and ensuring the integrity of our IT infrastructure. Your primary responsibilities will revolve around managing and optimizing our SIEM platform, with a strong...
-
Cyber Security Engineer
2 weeks ago
Lansing, United States Brooksource Full timeJob Description: As a Security Engineer specializing in SIEM (Security Information and Event Management) and Splunk, you will play a crucial role in safeguarding our organization's digital assets and ensuring the integrity of our IT infrastructure. Your primary responsibilities will revolve around managing and optimizing our SIEM platform, with a strong...
-
Cyber Security Engineer
4 weeks ago
Lansing, United States Brooksource Full timeJob Description: As a Security Engineer specializing in SIEM (Security Information and Event Management) and Splunk, you will play a crucial role in safeguarding our organization's digital assets and ensuring the integrity of our IT infrastructure. Your primary responsibilities will revolve around managing and optimizing our SIEM platform, with a strong...
-
IT Security Analyst 3
14 hours ago
Lansing, United States InterSources Inc. Full timeTop Skills & Years of Experience Required 3-5 years' experience for skills below: Knowledge of Cyber Security NIST 800-53 Follow the IT security technical architecture design methodology and best practices. External Vendor contact/Communication skills Microsoft SharePoint Microsoft Excel This position will function as a Compliance Specialist within...
-
IT Security Analyst
6 days ago
Lansing, United States Rose International Full time*Date Posted: * 04/23/2024 *Hiring Organization: * Rose International Position Number: 462794 *Job Title: * IT Security Analyst Job Location: Lansing, MI, USA, 48933 Work Model: Hybrid Shift: Hybrid Role with 2 days onsite from day 1 - Monday and Tuesday Employment Type: Temporary Estimated Duration (In months): 13 Min Hourly Rate($): 50.00 Max...
-
Lansing, MI
3 weeks ago
Lansing, United States Apex Systems Full timeJob#: 1367049 Job Description: Infrastructure Solutions ArchitectShort Job DescriptionPerforms duties of unusual significance or importance to the department. Makes recommendations in areas of expertise. Develops program goals and plans for implementation. Develops alternative strategies for programs based on analysis and research in an assigned specialty...
-
Information Security Manager
2 days ago
Lansing, United States Rolls-Royce Solutions America Full timeJob Functions: At Rolls-Royce, we see sustainability in the field of drive and energy solutions as both the biggest challenge and biggest opportunity of our time. That's why we have set targets to reach Net Zero by 2050. In our Power Systems division, we have set an even more aggressive target to reduce our CO2 emissions by 35% by 2030 (from 2019 levels). It...
-
Information Security Manager
2 weeks ago
Lansing, United States Ultium Cells Full timeUltium Cells, LLC. is a joint venture Lithium-ion automotive battery cell manufacturing plant between LG Energy Solution, Ltd., and General Motors. This high-technology plant is a new construction that will have the latest in battery cell manufacturing technology. This $2.3 billion investment will be among the largest battery cell manufacturing plants in the...
-
Information Security Manager
3 weeks ago
Lansing, United States Rolls-Royce Solutions America Full timeJob Functions: At Rolls-Royce, we see sustainability in the field of drive and energy solutions as both the biggest challenge and biggest opportunity of our time. That's why we have set targets to reach Net Zero by 2050. In our Power Systems division, we have set an even more aggressive target to reduce our CO2 emissions by 35% by 2030 (from 2019 levels). It...
-
Space Systems Engineer
7 days ago
Lansing, United States Deloitte Full timePosition Summary Are you looking to elevate your cyber career? Your technical skills? Your opportunity for growth? Deloitte’s Government and Public Services Cyber Practice (GPS Cyber Practice) is the place for you! Our GPS Cyber Practice helps organizations create a cyber minded culture and become stronger, faster, and more innovative. You will...
-
Space Systems Engineer
3 days ago
Lansing, United States Deloitte Full timePosition Summary Are you looking to elevate your cyber career? Your technical skills? Your opportunity for growth? Deloitte’s Government and Public Services Cyber Practice (GPS Cyber Practice) is the place for you! Our GPS Cyber Practice helps organizations create a cyber minded culture and become stronger, faster, and more innovative. You will...
-
Mgr-Information Security
3 days ago
Lansing, United States Marriott Full timeJob Number 24081565 Job Category Information Technology Location Marriott International HQ, 7750 Wisconsin Avenue, Bethesda, Maryland, United States Schedule Full-Time Located Remotely? Y Relocation? N Position Type Management JOB SUMMARY Seeking a proactive manager to lead threat hunting efforts, analyzing security logs and network traffic to...
-
Privacy and Security Analyst
6 days ago
Lansing, United States State of Michigan Full timeThe Office of Privacy and Security is responsible for policy development, system security access and security support for various applications/systems, executing Treasury's Privacy and Disclosure program and investigating security and privacy incidents. This position is responsible for executing the privacy and disclosure program requirements for the...
-
Software Architect
2 weeks ago
Lansing, United States Optomi Full timeSoftware Architect (Secret Clearance) Optomi, in partnership with a leader in content monetization platforms, is seeking an Software Architect to join a self-motivated team of engineers responsible for the development of cyber security software products for a family of ground combat vehicles. The function of this position is to design and lead the...