Chief Information Security Officer
Company: National Cooperative Business Association
Location: Arlington, VA 22204
Description:
Job Summary:
The Chief Information Security Officer (CISO) is responsible for leading NCB's information security program and developing a comprehensive information security strategy. This role requires a strategic thinker with a deep understanding of cybersecurity threats, risk management, and regulatory compliance, particularly within the banking sector. The CISO operates as a second-line risk function in our three lines of defense model and reports to the General Counsel, independent of the IT chain of command.
Key Responsibilities:
- Develop and execute an enterprise-wide information security strategy and program tailored to the needs of a $4 billion OCC-regulated bank, including cybersecurity, resiliency, and incident response.
- Implement and maintain security policies, procedures, and controls to protect the bank's information assets and meet applicable banking and regulatory requirements.
- Oversee risk assessments, reviews, testing, and exercises to identify and manage risks, ensure compliance with policies, standards and regulations, and evaluate readiness and response capabilities, all with a view towards constant improvement of the program.
- Develop and implement resiliency and incident response plans and programs, and lead the Bank's response to security incidents, ensuring timely and effective resolution.
- Manage and develop the Information Security Team.
- Champion the integration of security elements into all aspects of the bank's operations with IT and other departments.
- Stay current with emerging cybersecurity threats and trends, and proactively adjust the security strategy as needed.
- Foster a security-conscious culture throughout the bank through managing and maintaining a security training and awareness program for employees at all levels.
- Serve as the primary point of contact for all information security-related matters, both internally and externally, including reporting to senior management, the Board of Directors, auditors, and regulators.
Minimum Qualifications:
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field, or equivalent experience. A master's degree is preferred for this position.
- Minimum of 10 years of experience in information security, with at least 4 years in a leadership role.
- Strong knowledge of cybersecurity frameworks, standards, and best practices, including cloud security and emerging technologies.
- Experience with risk management, business continuity planning (BCP), incident response, and regulatory compliance, particularly within the banking sector.
- Experience in developing and implementing information security policies and procedures.
- Proven track record in building and leading high-performing teams.
- Excellent communication and interpersonal skills, with the ability to convey complex security concepts to non-technical stakeholders effectively.
- Relevant certifications such as CISSP, CISM, or CISA are highly desirable, as is experience in the banking industry or a similar regulated sector.
AA/EOE