Security Assurance Lead

Job Description

JOB INFORMATION

Title:

Security Assurance Lead

Officer Title:

Grade:

31

FLSA Classification:

Exempt

Date Last Edited:

2/13/2025

Reports To:

Director IT Assurance

Department:

IT Assurance

URL Link

https://hvfcu.jdxpert.com/ShowJob.aspx?EntityID=2&jobcode=1082

PRIMARY FUNCTION

The Security Assurance Lead role is crucial in ensuring that HVCU's information systems are secure and compliant with relevant regulations and standards. This position involves leading the initiative in evaluating, testing, and reporting on the effectiveness of IT general and cybersecurity controls.

This position requires a deep understanding of cybersecurity principles, risk management, IT governance, and regulatory requirements. The Security Assurance Lead will work closely with various departments, including IT, Risk, Compliance, Internal Audit, and Information Security to develop and maintain a comprehensive security testing and quality management strategy.

•

Build program to conduct thorough assessments of cybersecurity controls to ensure they are functioning as intended and effectively mitigating risks.

•

Collaborate on the oversight and execution of the annual Information Technology general and cybersecurity controls testing on an annual basis and provides reporting of its outcomes. Track audit/assessment recommendations/findings through to completion.

•

Responsible for the creation and governance of the security testing standards to be followed and adhered to by all HVCU staff.  Participate in the education and guidance of technology and business users on the importance of security testing.

•

Identify areas of improvement and provide recommendations to enhance the organization's cybersecurity posture.

•

Collaborate closely with 1st, 2nd and 3rd line security functions for the execution of IT general and cybersecurity controls testing.

•

Lead and provide guidance to third party providers to achieve assurance goals in a cost-effective manner.

•

Leverage third party automation solutions to enable speed and agility in meeting security testing needs.

•

Adhere to all Credit Union policies, procedures, and regulatory agency requirements. Participate in all required and recommended training and development including, but not limited to, Bank Secrecy Act training (BSA) and demonstrate attained knowledge. Participate on Credit Union teams, projects and strategic initiatives when the opportunity arises. Perform additional duties and special projects as assigned.

•

Embrace and apply HVCU’s guiding principles to all activities and responsibilities. This includes the Credit Union’s Mission, Vision, Core Values, Employee and Member Value Propositions, Sales and Service Model, and commitment to Lean Six Sigma practices. Support the Credit Union’s initiatives by demonstrating teamwork and professionalism.

•

Responsible for regular and predictable attendance including punctuality.

Bachelor’s Degree

 Cybersecurity, Information Technology, Computer Science, or related field.

X

Relevant certifications such as CISSP, CISM, CEH, CRISC

X

Minimum 5 Years

Work history in technology or security related field

X

Minimum 5 Years

Work history in a cybersecurity or related discipline

X

Work history in Credit Union or Financial Institution

X

Quality Assurance Testing Experience

X

•

Ability to multi-task and handle varying deadlines within a fast-paced work environment.

•

Ability to think and act strategically and proactively.

•

Advanced analytical skills and experience with Information technology and/or data analysis.

•

Proficiency in conducting security assessments and vulnerability testing

•

Knowledge of network security, application security, and cloud security

•

Ability to interpret and apply cybersecurity regulations and standards

•

Advanced verbal, written and presentation skills.

•

Attention to detail and a commitment to accuracy and thoroughness

PHYSICAL DEMANDS

Frequency

Physical Demand

Weight (lbs.)

Frequently

Sit for prolonged periods of time

Frequently

Required to communicate verbally

Frequently

Normal range of vision and hearing abilities required

Occasionally

Lift and/or move objects

20 lbs.

Occasionally

Travel outside of work location to attend meetings and training programs

Frequently

Required to skillfully operate a computer, telephone and other standard office equipment

WORK ENVIRONMENT

•

Typically the noise level in the work environment is low to moderate.

•

May experience occasional job stress in dealing with difficult situations and/or high volume.

•

High energy, high impact atmosphere.

•

There are no significant hazardous conditions.

View Competencies

Strategic Visioning

Takes a long-term view and builds a shared vision within the organization; acts as a catalyst for organizational change. Influences others to translate vision into action.

Level 3

1. Facilitates cross-boundary communication to surface and resolve issues proactively.  2. Leads the organization to develop and translate strategy into operational goals and priorities.  3. Modifies the organizational structure to address strategic leadership and talent needs.  4. Sees beyond short term commitments to a long-term competitive, sustainable position.  5. Stays in touch with the evolving needs and demands of the market and looks for trends and new ideas that might affect the organization.

Leadership

Leads people towards meeting the organization’s vision, mission, and goals. Provides an inclusive workplace that fosters diversity, development, teamwork and continuous improvement.

Level 3

1. Builds and manages workforce based on organizational goals and budgetary considerations. Drives ongoing workforce planning and succession to support future vision.    2. Develops networks and builds alliances; collaborates across boundaries to build strategic relationships and achieve common goals.  3. Looks towards the broadest possible view of an issue or challenge. Discusses multiple aspects and impacts of issues and projects them into the future.  4. Nurtures growth and development; promotes organizational learning within and across business units by providing challenging and stretching tasks and sharing key experiences.  5. Projects competence and composure. Communicates with credibility. Demonstrates situational- and self-awareness.

Service Excellence

Consistently incorporates Hudson Valley's member and employee value proposition, reinforcing organizational culture and brand differentiators.

Level 4

1. Champions culture, establishes clear organizational values, vision and strategy.   2. Creates the organization's business model and competitive position in the marketplace. Effectively communicates model to drive understanding and action throughout the organization.  3. Delivers upon the member value proposition by providing a product line that meets and exceeds expectations.  4. Enhances brand awareness by keeping messages focused and consistent with the business strategy. Leads through principled and consistent communications even when addressing difficult subjects.

Results Driven

Drives critical activities to completion. Meets organizational goals and customer expectations.

Level 3

1. Conducts ongoing organizational unit performance and risk analysis, recognizing strategic opportunities for success as well as potential risks. Adjusts strategies to address opportunities as well as potential risks to ensure attainment of business unit targets.  2. Evaluates organizational benefits and impacts of regulations. Creates standards and business processes to ensure regulatory compliance.  3. Leads organizational units to drive critical activities to completion. Demonstrates how units contribute to organizational results.  4. Sets operational productivity measures in terms consistent with business strategy. Defines responsibilities and processes for monitoring, communicating progress, and measuring results.

Resiliency

Adapts positively to changing environments in order to achieve business results.

Level 3

1. Encourages new ideas and innovations; designs and implements new or cutting edge programs/processes.  2. Establishes programs that result in continuous improvement through innovation and lean thinking.   3. Guides others to understand and accept change more readily. Directs team through ambiguity to ensure ongoing success.   4. Leads a continuous cycle of innovation that incorporates feedback and lean thinking to improve future initiatives.  5. Remains in touch with the evolving needs and demands of the market and looks for trends and new ideas that might affect the organization.

This job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee in this position.  Additional functions and requirements may be assigned by supervisors as deemed appropriate, with or without notice.

Nothing contained in this material creates a contract of employment between an employee and Hudson Valley Credit Union or otherwise alters the at-will nature of the employment relationship.

Are you able to perform the essential functions listed in this job description with or without reasonable accommodation?  YES_______  NO_______

By signing below you certify that you have received this job description and understand the requirements, essential functions and duties of the position.  If you are currently employed in this position, your signature acknowledge that this job description accurately describes the position, including its essential functions.

Name:  _____________________________________________

Signature: _____________________________________________

Date:  _____________________________________________ 

Please also note that Hudson Valley Credit Union respects the religious beliefs and practices of employees and will, on request, reasonably accommodate its employees when a reasonable accommodation is available that does not create an undue hardship on the Credit Union’s business.  Therefore, unavailability for work due to religious observances or practices may not be a bar to employment.