YOUR LIFE'S MISSION: POSSIBLE
You have goals, dreams, hobbies and things you’re passionate about.
What’s Important to You Is Important to Us
We’re looking for people who not only want to do meaningful, challenging work, keep their skills sharp and move ahead, but who also take time for the things that matter to them—friends, family and passions. And we're looking for team members who are passionate about our mission—making a difference in military members' and their families' lives. Together, we can make it happen.
Don’t take our word for it.
The Information Security Services Lead is a critical role in the transformation of Information Security to ensure organization-wide understanding and accountability for the protection of our data and resiliency of our systems. Infosec Services Leads will serve as key points of contact for initiatives and business units to aid in implementing security controls in distinct functions and aspects of Navy Federal business operations. In doing so, the InfoSec Security Services Lead is an advocate for building a culture of security across the enterprise.
Partnership and Communication
• Work with business units to ensure cyber security-related requirements and funds are included in strategic initiatives.
• Drive cyber security specific strategic initiatives through assigned business unit areas.
• Ensure business unit awareness of and compliance with ISG/Security-related instructions and standards
• Develop security policies/standards/procedures specific to assigned business unit area.
• Assist with ensuring adherence to information security policies, standards and procedures. Advise on alternatives, such as compensating controls, to resolve issues and exceptions.
• Advise on issues management activities for issues relating to information security (audit, NCUA, self-identified, etc.)
• Facilitate and serve as business unit subject matter expert regarding Information Security Governance.
• Participate, as appropriate, in supporting the appropriate and necessary security events in the project lifecycle.
• As applicable, articulate implications of risks and issues to business owners, assist with security exceptions.
• Consult with business unit on compliance with internal Information security policies and standards as well as externally-driven information security regulations.
• Participate in Information Security Governance-related councils and working groups, as appropriate.
Qualifications and Education Requirements:
Education and Awareness
• Promote organizational cybersecurity and information security awareness activities and implement security awareness concepts locally, customizing communications to be suitable for the business.
• Ensure business unit teams understand security standards and are aware of changes or updates to security standards.
• Lead/facilitate security-based training that is specific to business unit.
Minimum Knowledge & Skills Required:
• Bachelor's degree required (or equivalent military and/or work experience)
• Seven years minimum experience in cybersecurity, information security, and/or information technology or related field
• Possess a working knowledge of the activities within the lines of business; experience in the financial industry preferred with knowledge of industry standards (FFIEC, NCUA, PCI DSS)
• High level of communication and interpersonal skills to interact with leaders at multiple levels and facilitate team interactions
• Ability to present and give talks, facilitate workshops and discussions, and create compelling and engaging presentations to an array of audiences
• Strong understanding of risk management and regulatory requirements pertaining to information security, privacy and/or data protection
• In-depth understanding of industry standards (ISO, NIST, COBIT, COSO, ITIL)
• Experience managing a team, directly or indirectly; project management experience highly desired
• Ability to manage multiple complex priorities and competing agendas without express authority over teams
• Ability to interpret and apply policies and regulations across a large, complex business
• Analytical aptitude with an emphasis on using an inquiry-based approach, methodical critical questioning and logical thinking; ability to identify and report on key metrics
• Advanced skills with MS-Windows and other related PC applications
Desired Qualifications and Education Requirements:
• Mastery of industry knowledge: CISSP, CISM,
• Mastery of industry standards as shown by certifications: (ISACA, NIST, COBIT, COSO, ITIL)
• Experience (and preferably certification) in agile methods and ways of working
Hours: Monday - Friday, 8:00am - 4:30pm
Location: 820 Follin Lane, Vienna, VA 22180
Equal Employment Opportunity
Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/Disability
Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position.
Bank Secrecy Act
Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.