This range is provided by LHH. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

Executive Technical Recruiter at LHH, a Forbes 2024 "America's Best" global talent solutions firm.

LHH is seeking an experienced VP of Information Security to join our client's team in Alameda County, CA. This is a full-time, direct hire.

The Vice President, Information Security Officer, under the guidance of the Chief Risk Officer, coordinates closely with the Risk Management team. This role is a thought leader in information and cyber security, establishing and monitoring the credit union's information strategy to protect company and member assets. As a senior leader, the VP collaborates with management and department leaders to recommend security investments that mitigate risks, strengthen defenses, and reduce vulnerabilities.

Responsibilities

• Lead the technology risk strategy and provide guidance to technology partners.
• Develop and maintain cybersecurity risk assessment frameworks and methodologies.
• Partner with operational teams to provide guidance and oversight.
• Establish and enforce cybersecurity policies, standards, and guidelines.
• Conduct independent audits of cybersecurity processes and controls.
• Develop key risk indicators, dashboards, and reports to measure and monitor risks.
• Provide oversight during cybersecurity incidents to ensure proper response and recovery.
• Oversee evaluations of third-party vendors to ensure alignment with organizational standards.
• Support risk training and education regarding the enterprise risk framework.
• Maintain awareness of emerging information security threats and provide expertise to executive management.
• Facilitate audits and examinations by regulatory agencies and create risk mitigation plans.
• Work with business units to facilitate IT risk analysis and management processes.
• Communicate security-related concepts to a broad range of technical and non-technical staff.
• Maintain effective working relationships with corporate and business unit stakeholders.
• Stay updated on the threat environment and comply with all applicable laws and regulations.

Qualifications

• B.S. Degree in Computer Science, Management Information Systems, or a related field.
• 15 years of progressively responsible experience in information security or equivalent.
• 7+ years of Financial Services experience.
• 7+ years of experience in Technology Risk Management, IT Audit, or similar functions.
• Experience with compliance standards, privacy laws, and financial regulations.
• Information security certification required: CISM, CISSP.
• Extensive experience in information security risk assessments and vendor risk assessments.
• Understanding of information security regulations and standards (NCUA, GLBA, CCPA, PCI, FFIEC, NIST 800 / ISO 27000).
• Experience in a regulated environment and responding to regulators and auditors.
• Strong skills in network architecture design and network infrastructure technologies.
• Excellent communication skills, both verbal and written.
• Ability to lead effectively in high-pressure, time-constrained environments.
• Ability to operate standard business machines and tolerate long periods of sitting.
• Occasional business travel required.

Seniority level

• Executive

Employment type

• Full-time

Job function

• Information Technology
• Banking