Senior Data Security Analyst

Job Description

JOB INFORMATION

Title:

Senior Data Security Analyst

Officer Title:

Grade:

28

FLSA Classification:

Exempt

Date Last Edited:

3/11/2026

Reports To:

Chief Information Security Officer

Department:

Cybersecurity Governance and Risk

URL Link

https://hvfcu.jdxpert.com/ShowJob.aspx?EntityID=2&jobcode=1241

PRIMARY FUNCTION

The Senior Data Security Analyst supports the CISO in ensuring that the credit union's data assets are protected throughout their lifecycle. This position bridges data governance and cybersecurity by monitoring controls for data classification, access, encryption, and retention.

The analyst evaluates data protection risks, supports regulatory compliance (GLBA, FFIEC, NCUA Part 748, NIST), and ensures that governance and security controls work together to safeguard member and institutional data. This role also partners with Information Security, IT, and business units to align security practices with the credit union's Information Security and Data Governance Programs.

•

Implement and monitor data protection controls including encryption, masking, and access management across databases, data warehouses, and file systems.

•

Assist in maintaining the data classification framework and ensuring consistent tagging and handling of sensitive data.

•

Evaluate and test logical access, data leakage prevention (DLP), and file transfer security controls.

•

Support the implementation of privacy and security-by-design principles within data workflows and business applications.

•

Participate in reviews of new technologies and vendors to assess data security posture and compliance with governance standards.

•

Collaborate with the CISO to ensure data protection requirements are embedded in governance policies, standards, and procedures.

•

Maintain awareness of regulatory requirements (GLBA, NCUA, NYDFS 500, CFPB) and assist in mapping controls to those requirements.

•

Support audit and regulatory reviews by providing documentation of data security controls, evidence of access reviews, and remediation actions.

•

Participate in risk assessments and contribute to data-related security incident investigations.

•

Partner with Data Stewards, Data Quality Analysts, and IT Security to remediate issues that impact data integrity or confidentiality.

•

Provide input for data governance dashboards and metrics related to data protection and compliance.

•

Assist in developing and maintaining procedures for secure data handling, retention, and disposal.

•

Support awareness efforts that promote secure data practices across departments.

•

Adhere to all Credit Union policies, procedures, and regulatory agency requirements. Participate in all required and recommended training and development including, but not limited to, Bank Secrecy Act training (BSA) and demonstrate attained knowledge. Participate on Credit Union teams, projects and strategic initiatives when the opportunity arises. Perform additional duties and special projects as assigned.

•

Embrace and apply HVCU’s guiding principles to all activities and responsibilities. This includes the Credit Union’s Mission, Vision, Core Values, Employee and Member Value Propositions, Sales and Service Model, and commitment to Lean Six Sigma practices. Support the Credit Union’s initiatives by demonstrating teamwork and professionalism.

•

Responsible for regular and predictable attendance including punctuality.

Bachelor’s Degree

Information Systems, Cybersecurity, or related field

X

• CISSP, CompTIA Security+, SSCP, CISA, CDMP, or equivalent data protection or security certification.

X

Minimum 5 Years

Work history in data security, governance, or information risk management field.

X

Minimum 1 Year

Work history in a financial institution or other regulated environment.

X

•

Understanding of data governance principles, metadata management, and data lifecycle management.

•

Strong analytical skills with attention to detail and accuracy.

•

Knowledge of data security tools, concepts, and practices, including encryption, data loss prevention, and access controls.

•

Familiarity with privacy and compliance requirements related to member data (GLBA, NIST, NCUA Part 748).

•

Ability to translate technical security issues into clear business language.

•

Excellent communication and documentation skills.

•

Proficiency in Excel and data visualization tools (Power BI, Tableau); SQL experience a plus.

•

Ability to collaborate effectively with business units, IT, and compliance partners.

•

Up-to-date knowledge of emerging trends in cybersecurity governance, risk management and compliance requirements.

•

Advanced analytical, problem-solving, and organizational skills.

•

Must be able to demonstrate working knowledge of finance and accounting concepts.

•

Advanced proficiency in Microsoft Office Software (Word, Excel, Outlook, PowerPoint, etc.)

•

Must have experience with the application of computer software models.

•

Must be able to learn new software products.

•

Advanced verbal, written and presentation skills.

•

Must be able to demonstrate advanced analytical, communication and interpersonal skills.

•

Ability to effectively communicate with Senior Management.

•

Ability to work in a fast-paced environment and deal with a variety of internal/external customer and vendor situations.

PHYSICAL DEMANDS

Frequency

Physical Demand

Weight (lbs.)

Frequently

Sit for prolonged periods of time

Frequently

Required to communicate verbally

Frequently

Normal range of vision and hearing abilities required

Occasionally

Lift and/or move objects

30

Occasionally

Travel outside of work location to attend meetings and training programs

Frequently

Required to skillfully operate a computer, telephone and other standard office equipment

WORK ENVIRONMENT

•

Typically the noise level in the work environment is low to moderate.

•

May experience occasional job stress in dealing with difficult situations and/or high volume.

•

May experience occasional job stress in response to job demands.

•

High energy, high impact atmosphere.

•

There are no significant hazardous conditions.

View Competencies

Service Excellence

Consistently incorporates Hudson Valley's member and employee value proposition, reinforcing organizational culture and brand differentiators.

Level 1

1. Anticipates and meets the needs of both internal and external customers. Delivers high quality service and is committed to continuous improvement.  2. Consults with management on modifying business processes to enhance service delivery. Monitors own work to ensure quality and apply feedback to improve performance.  3. Integrates core values into the way work is done and how relationships are conducted.  4. Possesses knowledge of customer service concepts and techniques; ability to meet or exceed customer needs and expectations and provide excellent service in a direct or indirect manner.  5. Tailors communications based on others’ needs, motivations and agendas.

Work Standards

Sets high standards of performance for self and others; assumes responsibility and accountability for successfully completing assignments or tasks.

Level 3

1.  Coaches others to develop effective techniques for producing expected results.  2. Confirms achievement and acceptance of results to ensure process closure.  3. Escalates unusual findings that could have an impact on future process cycles.  4. Mobilizes group to anticipate likely results expected in future process cycles.  5. Recognizes significant results in ways that sustain employee motivation to achieve.  6. Sets critical work standards and expectations for a group or unit.

Flexibility and Adaptability

Adapts as needed; knowledge of successful approaches, tools, and techniques for dealing with changes and adapting to a changing environment.

Level 3

1. Helps others adapt to changing environments and accept new situations.  2. Identifies and elevates process improvements.  3. Leverages prior experience as a help towards handling changing situations.  4. Makes progress in an atmosphere of ambiguity and uncertainty.  5. Recovers from disappointments and setbacks.  6. Works effectively with unstructured teams, situations, or environments.

Information Security Audits

Knowledge of and the ability to utilize tools and techniques for assessing the effectiveness of information security measures, identifying potential risk exposures, and protecting the availability, confidentiality and audit trails of information from destruction or manipulation.

Level 2

1. Assists in conducting, documenting and following-up on security audits.

2. Provides inventory reports on information, software and physical assets.

3. Monitors compliance to security checklists and documents checklist exceptions.

4. Participates in documenting audit standards/procedures that are unique to a line of business.

5. Documents deficiencies and corrective plans, appropriately following up on their resolution in a timely manner.

Analytical Thinking

Knowledge of techniques and tools that promote effective analysis and the ability to determine the root cause of organizational problems and create alternative solutions that resolve the problems in the best interest of the business.

Level 3

1. Chooses among a diverse set of analytical tools according to the nature of the situation.

2. Identifies many possible causes for a problem based on prior experience and current research.

3. Quantifies the costs, benefits, risks and chances for success before recommending a course of action.

4. Seeks discrepancies and inconsistencies in available information; explains variances.

5. Organizes and prioritizes the sequence of steps to be taken to remedy the situation.

6. Approaches a complex problem by breaking it down into its component parts.

This job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee in this position.  Additional functions and requirements may be assigned by supervisors as deemed appropriate, with or without notice.

Nothing contained in this material creates a contract of employment between an employee and Hudson Valley Federal Credit Union or otherwise alters the at-will nature of the employment relationship.

Are you able to perform the essential functions listed in this job description with or without reasonable accommodation?  YES_______  NO_______

By signing below you certify that you have received this job description and understand the requirements, essential functions and duties of the position.  If you are currently employed in this position, your signature acknowledge that this job description accurately describes the position, including its essential functions.

Name:  _____________________________________________

Signature: _____________________________________________

Date:  _____________________________________________ 

Please also note that Hudson Valley Federal Credit Union respects the religious beliefs and practices of employees and will, on request, reasonably accommodate its employees when a reasonable accommodation is available that does not create an undue hardship on the Credit Union’s business.  Therefore, unavailability for work due to religious observances or practices may not be a bar to employment.