VP of Risk Management & CISO
|Employment Type:||Full Time|
|Employer:||Hudson River Community Credit Union|
|Description:||The VP of Risk Management and CISO is responsible for the organization's ERM, information security, vendor due diligence, security and compliance programs. Development and implementation of an Enterprise Risk Management Program, inclusive of risk assessment design and completion, board reporting dashboard and staff training plan, is their responsibility as well. This senior manager is responsible for assessing and communicating risk and for working with managers to mitigate it across the organization.|
|Duties:||Manage the development and implementation of security strategies for the credit union's computer data and systems. Work with experts and Chief Information Officer to enhance our Information Security and Cyber Security Programs. Track penetration and vulnerability testing results and mitigation of risks. Ensure appropriate staff training for programs.|
Develop and implement an Enterprise Risk Management Program. Develop and maintain risk assessments, risk metrics, fraud monitoring and appropriate internal controls.
Enhance and maintain a compliance program. Establish and maintain an ongoing compliance training program for all staff. Provide compliance review and comments on new products and product changes.
Manage subordinate staff, train, direct and evaluate performance.
Develop and manage the Vendor Due Diligence program. Test and report on vendor control considerations compliance. Report vendor status and test results to the CEO quarterly and certify vendor compliance annually.
Develop and maintain the Physical Security and Disaster Recovery Program. Test and report on program compliance to the CEO annually.
|Qualifications:||Experience: Seven years to ten years of similar or related experience. |
Education: Master's Degree in Enterprise Risk Management, Management Information Systems or related field. CISSP Certification preferred.
Interpersonal Skills: The ability to motivate or influence others is a material part of the job, requiring a significant level of diplomacy and trust. Obtaining cooperation (internally and/or externally) is an important part of the job.
Other Skills: Strong supervisory, leadership, written and verbal communications.
Must have an in-depth understanding of and ability to interpret regulations affecting all financial services as well as extensive knowledge of regulatory, fraud, audit theory and business trends.
Must have a solid understanding of regulations and laws pertaining to financial services, credit union regulations, payment system infrastructure and audit theory and practice.
Advanced knowledge of a broad range of systems, platforms, interfaces, protocols, network administration tools, servers, IT security products and applications.
Able to work in a fast-paced environment and be able to adapt to change.