Information Security Officer

Navy Federal Credit Union Vienna , VA 22181

Posted 2 months ago


Job Description

Employee Perks

Why You Will Love Being Part of the Navy Federal Team:

  • Competitive compensation with opportunities for annual raises, promotions, and bonus potential

  • Best-in-Class Benefits! (7% 401k match / Pension plan / Tuition reimbursement / Great insurance options)

  • On-site amenities include fitness center, wellness center, cafeteria, etc. at Pensacola, FL; Vienna, VA and Winchester, VA campuses

  • Consistently Awarded Top Workplace

  • Nationally recognized training department by TRAINING Magazine

  • An employee-focused, diverse, and service-oriented workplace environment

Basic Purpose

To plan, manage, and implement functions in support of Navy Federal's Information Security Program, including information security control enforcement, cybersecurity awareness, and security enablement across assigned Navy Federal business unit(s). Serve as an information security subject matter expert (SME) available to the business to foster alignment.


  • Partner with business units to enable business goals while ensuring cyber security-related requirements and controls are included in projects and strategic initiatives

  • Drive Information Security risk mitigation strategic initiatives through assigned business unit(s)

  • Ensure that security is built in at every level for all data initiatives as per best practice

  • Ensure business unit awareness of Information Security policies, procedures and standards

  • Monitor and assure compliance with federal, state and local laws bearing on unauthorized access to member information and information security; provide recommendations/alternatives, such as compensating controls to resolve security issues and exceptions

  • Participate in supporting appropriate security events in the project lifecycle

  • Articulate implications of security risks and related issues to business unit leadership; assist with security exceptions

  • Consult with business units regarding compliance with internal Information Security procedures, instructions, and standards as well as externally-driven security regulations

  • Review internal business units initiatives to determine risk analysis opportunities and provide guidance for information classification and protection

  • Participate in Information Security Governance related councils and working groups, as appropriate

  • Coordinate and promote cybersecurity and information security awareness activities and implement security awareness concepts customizing communications to be suitable for the business unit

  • Meet regularly with business unit leadership to ensure consistent communication

  • Monitor and analyze changes to applicable federal and state laws, rules and regulations; develop and execute action plans for implementation/dissemination

  • Contribute to a culture of collaboration by actively working across business lines, communicating knowledge, and business processes to other business units

  • Maintain current knowledge of industry best practices/frameworks to drive continuous improvements in information security

  • Lead and/or facilitate information security training that is tailored to the business unit

  • Perform other duties as assigned

Qualifications and Education Requirements:

  • Bachelor's degree in Cybersecurity, Information Security, Information Technology, or related field, or the equivalent combination of education, training and experience

  • Advanced knowledge of federal and state laws, rules and regulations governing information security requirements, frameworks, privacy and data protection (e.g., FFIEC, NCUA, CFPB, GLBA, etc.)

  • Significant experience in risk mitigation with proven ability to effectively apply risk principles to challenging business situations, preferably in a large financial institution

  • Significant experience with information security concepts, principles, technologies, and methods, and translating best practices in information security to operations in a risk management framework

  • Advanced knowledge of industry standards (e.g., ISO, NIST, COBIT, COSO, ITIL, etc.)

  • Advanced knowledge of computer hardware/software technologies, and security tools

  • Advanced skill facilitating discussions and creating and delivering compelling and engaging presentations to a variety of audiences

  • Advanced skill developing and maintaining collaborative relationships with all levels of leadership, staff and vendors

  • Effective skill in project management to include establishing and leading project teams; managing timelines/deadlines/resources; ensuring successful project implementation

  • Advanced skill managing multiple complex priorities and competing agendas without express authority over teams

  • Significant experience collaborating across organizational boundaries and building partnerships across functions

  • Advanced skill exercising initiative and using good judgment to make sound decisions

  • Advanced skill presenting findings, conclusions, alternatives and information clearly and concisely

  • Advanced skill to influence, negotiate and persuade to reach agreeable exchange and positive outcomes

  • Ability to interpret and apply policies and regulations across a large, complex business

  • Advanced analytical, planning, organizational, and problem solving skills

  • Advanced skill using MS-Windows and other related PC applications

  • Expert verbal, interpersonal and written communication skills

Desired Qualifications and

Education Requirements:
  • Master's degree in Cybersecurity, Information Security, Information Technology, or related field
  • CISSP, CIPP/US, SSCP, Certifications

Hours: Monday

  • Friday, 8:00am

  • 4:30pm

Location: 820 Follin Lane SE, Vienna, VA 22180

Equal Employment Opportunity

Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/Disability


Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need.

Bank Secrecy Act

Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Information Systems Security Officer (Isso)

Jacobs Engineering

Posted 6 days ago

VIEW JOBS 2/12/2020 12:00:00 AM 2020-05-12T00:00 Jacobs is currently seeking an Information Systems Security Officer (ISSO) to work onsite in Arlington, VA. Duties include: As the Information System Security Officer (ISSO), you shall help lead a team that provides expert technical assistance services during the integrated planning, management and execution of a Federal Civilian contract and their cybersecurity mission. The candidate shall have and maintain technical expertise in cybersecurity and provide technical assistance that will contribute to and expand the client's security operations capabilities. The client organization requires this support to facilitate its efforts to accomplish the strategic mission, objectives and goals across its divisions, branches, and functional groups. The ISSO will be responsible for system security planning, system/application compliance testing, project management, tracking and remediating findings, and maintaining and continuous improvement of documentation for communications web applications and the incident response team's equipment and other activities under SOW. The ISSO must be an expert at developing strategic-level plans and have strong knowledge and experience in cybersecurity information technology and security applications. Candidate must possess knowledge of, or ability to: * Serve as an Information System Security Officer (ISSO); and * Understanding of several of the following: o business security practices and procedures; o current security tools available; o hardware/software security implementation; o different communication protocols; o encryption techniques/ tools. * Familiarity with several of the following: o commercial products; o current lab infrastructure technology; o CND policies, procedures, and regulations; o Defense-in-depth principles and network security architecture; o Boundary protection and enclaving; o Authentication and access management technologies. * 7 years information security management experience with a High school diploma; or a Bachelor's degree from an accredited college or university in Information Management, Cybersecurity, Computer Science, or related discipline, and with 5 years of information security management experience. * Must have experience in and be proficient in the following: o Provides support to plan, coordinate, and implement the lab's information security o Provides support for facilitating and helping the lab identify its current security infrastructure and define future programs, design and implementation of security related to lab systems. o Assists the efforts of security staff to design, develop, engineer and implement solutions to security requirements o Responsible for the implementation and development of the DHS IT security. o Gathers and organizes technical information about the lab's mission goals and needs, existing security products, and ongoing programs. o Performs risk analyses which also includes risk assessment. o Provides support to plan, coordinate, and implement the lab's information security. o Provides support for facilitating and helping the lab identify its current security infrastructure and define future programs, design and implementation of security related to lab systems. o Possesses and applies expertise on multiple complex work assignments which are broad in nature, requiring originality and innovation in determining how to accomplish tasks. o Has the ability to apply a comprehensive knowledge across key tasks and high impact assignments. o Plans and leads major technology assignments. o Evaluates performance results and recommends major changes affecting short-term project growth and success. o Functions as a technical expert across multiple project assignments. o Assists with technical/management leadership on major tasks or technology assignments. o Establishes goals and plans that meet project objectives. o Has domain and expert technical knowledge. o Assists in direction and control activities, having overall responsibility for security management, methods, and staffing to ensure that technical requirements are met. o Interactions involving client negotiations and interfacing with senior management. o Supports decision making and domain knowledge that may have a critical impact on overall project implementation * Must have Active DOD Secret Clearance Preferred Qualifications: * ISC2 CISSP * ISACA's CISM * High energy, patient, creative, curious, unconventional, and ability to be adaptive. * Strong desire and ability to learn and experiment with new technologies. * Must be able to work independently as well as in a team environment. Essential Functions: Physical Requirements: Most work will be done at a desk or computer. Work Environment: General Office environment. The work environment is fast-paced and sometimes involves extreme deadline pressures. The nature of the work requires a high degree of teamwork and cooperation with other members of the staff as well as individuals across the Company and Customers. Multiple tasks & duties will need to be accomplished without any single duty falling behind or becoming neglected. Must effectively communicate and be communicated with by other team members. Must be able to represent and speak to current group efforts at any given time. Equipment & Machines: General office equipment including PC/laptop, Fax, Copiers, Shredder, Printers, Telephone, and other miscellaneous office equipment. Attendance: Attendance is critical at all times. Must be able to work a 40-hour workweek, normally Monday through Friday. However, times and days may vary depending on business requirements. Needs to be available to work overtime during critical peaks and be available to meet last minute requests for overtime should the situation occur. Other Essential Functions: Must be able to communicate effectively both verbally and in writing Grooming and dress must be appropriate for the position and must not impose a safety risk/hazard to the employee or others. Must put forward a professional behavior that enhances productivity and promotes teamwork and cooperation. Must be able to interface with individuals at all levels of the organization both verbally and in writing. Must be well-organized with the ability to coordinate and prioritize multiple tasks simultaneously. Must work well under pressure to meet deadline requirements. Must be willing to travel as needed. Must take and pass a drug test and background check as well as a motor vehicle records check. Must be a US citizen. #cjpost #LI-LR1 Jacobs Engineering Vienna VA

Information Security Officer

Navy Federal Credit Union