Director, Information Security - Risk & Compliance

Tysons Corner, Virginia
Aug 07, 2017
Aug 28, 2017
Executive, Director
Full Time

PenFed is hiring a Director of Information Security - Risk & Compliance in our headquarters office located in McLean, VA. This individual is accountable for the creation, implementation and management of the company-wide information security program including enterprise Information Security risk reporting, Information Security policy development and maintenance, design of security policy education, training, and awareness activities, monitoring compliance with company security policy and applicable laws.


Essential Functions

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. This is not intended to be an all-inclusive list of job duties and the position will perform other duties as assigned.

    Manage third-party risk, business continuity risk, and IT operational risk.
    Establish and manage controls inventories and perform controls effectiveness reviews.
    Lead organization’s compliance with Vulnerability Management Program efforts.
    Manage security compliance staff and provide leadership to support PenFed requirements.
    Lead organization’s communications, reporting, observation tracking and remediation activities to address internal audit, outside audit (NCUA, GLBA, etc.) and related enhancements to improve overall IT Security compliance and operations.
    Establish key performance indicators and proactively report to Sr. VP, IT Security on performance of IT Security compliance activities and metrics.
    Maintain IT Security compliance programs in accordance with credit union industry regulations and requirements.
    Lead organization’s IT security awareness training program activities and coordination with appropriate business and operational units.
    Prepare reports and performance metrics for IT Security compliance to senior management, regulators, and Board of Directors.
    Provide expert-level analysis of alternatives, design and implementation plans and recommendations supported by strong research skills and provided through strong communication skills.
    Supervise and review updates to information security policies, architectures, standards, and/or other technical documents.
    Stay abreast of latest industry developments in the information security area.
    Represent the organization’s security compliance interests in all matters: with partners, suppliers, industry associations, and government entities to ensure the bi-directional flow of technical information and best practices in the area of information security.
    Collaborate closely with other departments to ensure that information security compliance and risk requirements are met.

Education and Experience

    Master’s Degree and/or Bachelor’s Degree in Computer Science or equivalent in related field preferred.
    10+ years of relevant Information Security management experience.
    Experience in the management of security control capabilities within a large, complex financial services organization.
    Solid working knowledge and understanding of key security controls (Access Control, Encryption, etc.).
    Ability to communicate effectively and influence Business and IT leadership, staff, and other stakeholders, company-wide, to implement security recommendations.
    Ability to establish and develop effective, trusting relationships with internal business units, together with a proven knowledge of the methods necessary to assess information security within a large organization.
    Experience in formal risk assessment and risk management practice.
    Strong familiarity with information security, risk management, and IT government standards and frameworks (e.g. NIST 800-53, NIST Cyber Security Framework, ISO 27000, ISO 31000, etc.).

Supervisory Responsibility

6 Est. Direct Staff / 10 Est. Full Staff

    This position will directly supervise employees.

Licenses and Certifications


Work Environment

While performing the duties of this job, the employee is regularly exposed to an indoor office setting with moderate noise.

*Most roles require working in an office setting with moderate noise and the ability to lift 25 pounds.*



Limited travel to various worksites is required.


About Us

Founded in 1935, and still growing, we began as the War Department Federal Credit Union.  Today, PenFed is one of the country’s strongest and most stable financial institutions with over 1.5 million members and over $21 billion in assets.  We serve members in all 50 states and the District of Columbia, as well as on military bases in Guam, Puerto Rico and Okinawa. 

Our mission isn’t simply to help our members get by. We exist to help them realize every ounce of their potential. We exist to educate, and to encourage. We exist to usher their dreams into the land of reality.

We provide our employees with a lucrative benefits package including robust medical, dental and vision plan options, plenty of paid time off, 401k with employer match, on-site fitness facilities at our larger locations, and more.

Equal Employment Opportunity

PenFed will maintain and observe personnel policies which will prohibit discrimination or harassment against a person because of race, color, creed, age, sex, gender, religion, national origin, ancestry, genetic information, military or veteran status or obligation, the presence of a physical and/or mental disability and all other statuses protected by applicable state or local law in all recruiting, hiring, training, compensation, overtime, position classifications, work assignments, facilities, promotions, transfers, employee treatment, and in all other terms and conditions of employment.  PenFed will also prohibit retaliation against individuals for raising a complaint of discrimination or harassment or participating in an investigation of same.

PenFed will also reasonably accommodate qualified individuals with a disability so that they can apply for a job or perform the essential functions of a job unless doing so causes a direct threat to these individuals or others in the workplace and the threat cannot be eliminated by reasonable accommodation or if the accommodation creates an undue hardship to PenFed. Contact human resources (HR) with any questions or requests for accommodation at 703-838-1568.
