Manager, Information Security Programs

company banner
Navy Federal Credit Union
IT, Security, Computer, ISO, CISSP
Full Time

Job Description

Job Description


You have goals, dreams, hobbies and things you're passionate about.

What's Important to You Is Important to Us
We're looking for people who not only want to do meaningful, challenging work, keep their skills sharp and move ahead, but who also take time for the things that matter to them-friends, family and passions. And we're looking for team members who are passionate about our mission-making a difference in military members' and their families' lives. Together, we can make it happen.

Don't take our word for it.
  • FORTUNE 100 Best Companies to Work For®
  • Computerworld® Best Places to Work in IT
  • FORTUNE® Best Workplaces for Millennials
  • Forbes® America's Best Employers

Basic Purpose

To plan, direct and manage the analysis and negotiation of Information Security contract terms to effectively protect information systems assets and enable safe implementation of Navy Federal processes, products and services with third party vendors. Provide subject matter expertise and guidance to senior management and functional areas related to third party information security and contract risk.


• Conduct expert level, high quality review of information security contract terms for complex and high visibility third party relationships
• Negotiate information security contract redlines, and make decisions on efficacy of mitigating controls, alternative language, and risks posed by vendor
• Identify, analyze, and quantify the information security risk exposure associated with third party contracts and relationships
• Partner with key stakeholders to plan and develop remediation plans to address outstanding contract gaps and
• Ensure compliance with all information security regulatory agency regulations and applicable federal, state, and local laws to minimize risk
• Report to senior Security management regarding Navy Federal's Information Security posture and risks related to third party contractual agreements
• Review Service Provider assessments performed on third parties with whom Navy Federal is considering doing
business, and existing third parties with an established working relationship to inform information security contractual requirements
• Collaborate and build relationships with Procurement and business units with established relationships with the
service provider; document and report on contract issues identified; communicate with stakeholders to determine if relationship should be pursued/continued
• Manage development and implementation of information system security policies, practices and standards
• Collaborate with leadership of other Information Security teams to ensure coordination and alignment with
Information Security's strategic direction.
• May perform supervisory/managerial responsibilities
o Ensure adequate/skilled staffing; select employees
o Establish performance goals and priorities
o Prepare, conduct, and review performance appraisals
o Develop, mentor and counsel staff
o Provide input and/or prepare budget requirements for Annual Financial Plan (AFP)
o Ensure section/branch goals and objectives align with division/department strategy
o Ensure efficiency of operations
• Performs other related duties as assigned


• Significant experience in vendor risk management and oversight
• Significant experience reviewing and negotiating information security contract terms
• Bachelor's degree in Computer Science, Information Security, related fields or equivalent experience
• Significant experience with information security processes, concepts, principles, and methodologies
• Significant experience in Security policy and procedure development
• Significant experience in vendor risk management and oversight
• Significant experience in performing Risk Assessments
• Significant experience in working with all levels of staff, management, stakeholders, vendors
• Advanced knowledge of NCUA,FFIEC, GLBA, ISO 27001/27002,SANS20, PCI DSS and other Information security
requirements and frameworks
• Advanced knowledge of at least one industry-leading risk management framework
• Effective skill in results-oriented leadership in a challenging environment
• Advanced skill building effective relationships through rapport, trust, diplomacy and tact
• Ability to translate complex information security topics and threats into easily understood terms that can be
incorporated into business requirements
• Advanced verbal and written skills
• Advanced organizational, planning and time management skills
• Advanced skill in producing desired results to achieve goals and objectives
• Advanced research, analysis and problem solving skills
• Effective skill in results-oriented leadership in a challenging environment
• Desired - Master's degree in Computer Science, Information Security, or related field
• Desired - Working knowledge of NFCU's mission, objectives, functions, and policies
• Desired - Working knowledge of information security risks and countermeasures
• Desired - Professional certification in the information security sector (CRISC, CISM, CISSP)

Hours: Monday - Friday, 8:00am - 4:30pm

Location: 820 Follin Lane, Vienna, VA 22180

As a COVID-19 safety measure, our employees must either provide proof of COVID-19 vaccination or follow additional safety protocols, including testing.

*Due to COVID-19 and social distancing, this position will be temporarily working from home with plans to return to campus at the desired location listed once Navy Federal is back to normal operations. The specific logistics for returning to campus will be determined at a future date by individual leadership*

Equal Employment Opportunity

Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/Disability


Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position.

Bank Secrecy Act

Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.

Employee Referrals

This position is eligible for the TalentQuest employee referral program. Please indicate the employee who referred you when applying.

Company Information

What started as a small group of naval employees with similar goals in 1933 has grown to include officers and enlisted men and women of all branches of the military, veterans, DoD employees and their family members. Today, we're proud to continue to serve the unique needs of our 10 million member-owners.

What inspired our founders still drives us today—as we see it, our members are the mission.

Dice Id : 10117743
Position Id : 6688923
Originally Posted : 7 months ago

Similar Positions at Navy Federal Credit Union