Division Lead Data Protection Manager

Location: VA Vienna - Headquarters Full/Part Time: Full-Time Regular/Temporary: Regular

Job Description


You have goals, dreams, hobbies and things you’re passionate about.

What’s Important to You Is Important to Us
We’re looking for people who not only want to do meaningful, challenging work, keep their skills sharp and move ahead, but who also take time for the things that matter to them—friends, family and passions. And we're looking for team members who are passionate about our mission—making a difference in military members' and their families' lives. Together, we can make it happen.

Don’t take our word for it.

  • FORTUNE 100 Best Companies to Work For®
  • Computerworld® Best Places to Work in IT
  • FORTUNE® Best Workplaces for Millennials
  • Forbes® America’s Best Employers
  • PEOPLE® Companies That Care


Basic Purpose

To develop, implement, and oversee Navy Federal’s due diligence on Data Protection, it is proposed that an Information Security Officer for Data Protection be created. This function works to enable processes related to data handling, governance, and protection on behalf of Security.  Said processes will work across the enterprise and with ISD for data handling and protection optimization, business understanding for data protection, and successful cross-functional engagement.  Working across all Security areas, this role also supports special projects across Security leadership and works to promote organizational communication, process maturity, resiliency, and member protection.


Strategy & Leadership
• Execute and/or support the execution of Security strategic and operational priorities
• Work across teams in Security to identify areas for process improvement and increased efficiencies in data handling, protection, and privacy
• Serve as liaison on behalf of Security and relate matters of relevance to leadership and support the preparation and execution of department/division special projects related to data protection
• Work with ISD leadership and other ISD teams to ensure cohesive understanding of leading practices for data protection, handling, privacy, and governance
• Drive Security strategic initiatives throughout the enterprise to cultivate and promote a culture of security
• Collaborate across ISD and Security, working (with colleagues) to strengthen capabilities and elevate maturity and capabilities across and within teams on data protection

• Work across the enterprise ensuring Security-related requirements for data protection, handling, and privacy and related controls are included in projects, operations, and strategic initiatives
• Coordinate with appropriate stakeholders to clarify and align data-related instructions, standards, and classification
• Clarify implications of Security policies/standards/procedures for business audience with regard to data protection and handling
• Assist with ensuring adherence to Security policies, standards and procedures on data handling and protection; advise on alternatives, such as compensating controls, to resolve issues and exceptions when necessary
• Advise on issues management activities for issues relating to data protection, handling, and controls in response to audit needs (audit, NCUA, CFPB, etc.)
• Facilitate and serve as business unit subject matter expert regarding Security data protection and governance to business unit leadership
• As applicable, articulate implications of risks and issues related to data management and protection to sponsors and risk owners and, if necessary, assist with Security exceptions or issue management
• Consult where needed on compliance with internal Security instructions and standards as well as externally-driven Security regulations to serve as a resource on data protection, handling, and privacy controls
• Participate in Security-related special projects, councils, working groups, etc. as appropriate
• Perform other duties as assigned

Qualifications and Education Requirements:

• Bachelor's degree in Information Systems, Computer Science, Engineering, or related field, or the equivalent combination of education, training and experience
• Working knowledge of NCUA and FFIEC regulations, NIST CSF, GLBA, PCI and other Security requirements and frameworks
• Working knowledge of at least one industry-leading risk management framework (e.g. OCTAVE, COSO, COBIT etc.)
• Working knowledge of at least one data protection and/or privacy framework (e.g. DMM, DMBOK, NIST Privacy Framework)
• Experience in risk mitigation, strategic planning, and management of personnel
• Advanced knowledge of information technology systems, project processes, and application development
• Advanced organizational, planning and time management skills
• Advanced research, analytical, and problem solving skills
• Advanced skill developing and implementing programs in a leadership role
• Advanced skill building effective relationships with all levels of staff, management, stakeholders, and vendors, through rapport, trust, diplomacy and tact
• Significant experience working with internal audit and external examiners
• Significant experience collaborating across organizational boundaries and building partnerships across functions
• Effective skill to influence, negotiate and persuade to reach agreeable exchange and positive outcomes
• Advanced skill exercising initiative and using good judgment to make sound decisions
• Advanced verbal, written, interpersonal, and presentation skills to communicate clearly and concisely technical and non-technical information to all levels of management

Desired Qualifications and Education Requirements:

• Graduate education in Information Systems, Computer Science, Engineering, or related field
• Professional or planned date for certification in the information security or sector
• Professional certification in Data Management and/or in services/process maturity (e.g., DMM, CMMI, etc.)
• Knowledge of Navy Federal Credit Union instructions, standards, and procedures

Hours: Monday - Friday, 8:00am - 5:00pm

Location: 820 Follin Lane, Vienna, VA 22180

Equal Employment Opportunity

Navy Federal values, celebrates, and enacts diversity in the workplace.  Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans.  EOE/AA/M/F/Veteran/Disability


Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need.

Bank Secrecy Act

Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.