Assistant Vice President, Business Information Security Officer

Overview

The AVP of Business Information Security Officers (BISO Leader) will serve as a critical bridge between the centralized cybersecurity organization and the business units across the enterprise. This senior leader will oversee a team of BISOs aligned to various lines of business, ensuring that security strategies are tailored, understood, and embedded into business operations. The role requires a seasoned security professional with deep business acumen, excellent stakeholder management skills, a strong understanding of Cyber and IT, and experience operating in a complex, regulated financial environment.

This position is eligible for the TalentQuest employee referral program. If an employee referred you for this job, please apply using the system-generated link that was sent to you.

Responsibilities

• Lead and manage the network of Business Information Security Officers (BISOs) across all lines of business
• Act as the primary interface between the CISO organization and business unit leadership and risk teams to ensure alignment on security priorities, risks and compliance
• Develop and drive federated BISO program that empowers decentralized decision-making while maintaining centralized governance and standards
• Translate enterprise security strategy and polices into actionable roadmaps for business units
• Guide BISOs in identifying, assessing, and mitigating information security risks within their respective business areas
• Ensure BISOs support secure product development, technology deployments, and digital transformation initiatives
• Report business unit-specific security postures, risks, and KPIs to executive leadership
• Collaborate with enterprise risk, compliance, legal, audit, and IT teams to support integrated risk management
• Lead regular reviews with business and security stakeholders to track progress, surface issues and escalate risks as needed
• Foster a culture of security awareness, accountability, and partnership throughout the organization
• Perform supervisory/managerial responsibilities
  • Ensure adequate/skilled staffing; select employees
  • Establish performance goals and priorities
  • Prepare, conduct, and review performance appraisals
  • Develop, mentor and counsel staff
  • Provide input and/or prepare budget requirements for Annual Financial Plan (AFP)
  • Ensure section/branch goals and objectives align with division/department strategy
  • Ensure efficiency of operations
• Perform other duties as assigned

Qualifications

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field or the equivalent combination of education, training, and experience
• 10+ years of experience in information security, IT risk management, or a related field
• Experience in Information Security leadership roles to include delegation, coaching, and mentoring skills and the ability to make sound long and short-term business decisions
• Strong understanding of security frameworks and regulatory requirements in the financial industry
• Mastery of industry standards as shown by certifications: (ISO, NIST, COBIT, COSO, ITIL)
• Advanced knowledge of federal and state laws, rules and regulations governing information security requirements, frameworks, privacy, and data protection (e.g., FFIEC, NCUA, CFPB, GLBA, etc.)
• Experience with transforming Information Security strategies in partnership with the business with ability to effectively apply risk principles to challenging business situations
• Experience with information security concepts, principles, technologies, and methods, and translating best practices in information security to operations in a risk management framework
• Working knowledge of activities within common lines of business (e.g., HR, Finance, Legal, etc.)
• Ability to translate business strategy into information security strategy, programs, and initiatives, then lead the execution of the programs
• Ability to present and facilitate workshops and discussions, and create compelling and engaging presentations to an array of audiences
• Experience in agile methods and ways of working; Six Sigma or process analysis and/or change management strategies in order to influence and assist organizational change initiatives
• Ability to manage multiple, complex priorities and competing agendas
• Ability to interpret and apply policies and regulations across large, complex business lines
• Ability to analyze and interpret business metrics and information security analytics to develop action plans and ensure successful implementation
• Proven experience in a consultative capacity to senior business leaders, shaping strategy, goals and alignment to the enterprise information security program

Desired Qualifications

• Master's degree in Computer Science, Information Technology, Cybersecurity, or a related field or the equivalent combination of education, training, and experience
• Experience in the financial industry preferred with knowledge of industry standards (FFIEC, GLBA, NCUA, PCI DSS)
• Mastery of industry knowledge: CISM, - CISSP, CIPP/US, SSCP Certifications and other security certifications preferred
• Advanced knowledge of the relationships between Security divisions and the BISO model
• Advanced knowledge of Navy Federal's functions, philosophy, operations and organizational objectives and security practices, processes, and interdependencies across NFCU and third parties

Hours: Monday - Friday, 8:00AM - 4:30PM

Location: 820 Follin Lane, Vienna, VA 22180 | 5510 Heritage Oaks Drive, Pensacola, FL 32526 | 141 Security Drive, Winchester, VA 22602

About Us
Navy Federal provides much more than a job. We provide a meaningful career experience, including a culture that is energized, engaged and committed; and fierce appreciation for our teams, who are rewarded with highly competitive pay and generous benefits and perks.

Our approach to careers is simple yet powerful: Make our mission your passion.

Best Companies for Latinos to Work for 2024

Computerworld Best Places to Work in IT

Forbes 2024 America's Best Large Employers

Forbes 2024 America's Best Employers for New Grads

Forbes 2024 America's Best Employers for Tech Workers

Fortune Best Workplaces for Millennials 2024

Fortune Best Workplaces for Women 2024

Fortune 100 Best Companies to Work For 2024

Military Times 2024 Best for Vets Employers

Newsweek Most Loved Workplaces

2024 PEOPLE Companies That Care

Ripplematch Recruiting Choice Award

Yello and WayUp Top 100 Internship Programs

From Fortune . 2024 Fortune Media IP Limited. All rights reserved. Used under license. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of, Navy Federal Credit Union.

Equal Employment Opportunity: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected Veteran.

Hybrid Workplace: Navy Federal Credit Union is a hybrid workplace, and details will be discussed during your interview process.

Disclaimers: Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position. Job postings are subject to close early or extend out longer than the anticipated closing date at the hiring team's discretion based on qualified applicant volume. Navy Federal Credit Union assesses market data to establish salary ranges that enable us to remain competitive. You are paid within the salary range, based on your experience, location and market position

Bank Secrecy Act: Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.