AVP, Information Security Officer
Listed on 2026-01-30
IT/Tech
Cybersecurity, Information Security, Data Security, IT Consultant
Location: BAYTREE HEADQUARTERS, 8045 North Wickham Road, Melbourne, FL 32940, USA.
At Space Coast Credit Union (SCCU), our members are at the heart of everything we do. Since 1951, we’ve been committed to delivering financial services founded on integrity and a people-first philosophy.
In this role, you will serve as the AVP, Information Security Officer at our Melbourne Headquarters. You will provide strategic leadership for the Credit Union’s Information Security Governance Program and serve as the second line of defense for information security risk management. Your focus will be on ensuring that security policies, frameworks, and controls are designed and maintained in alignment with regulatory requirements, industry standards, and the organization’s risk appetite.
You will oversee a team of security professionals, offering guidance, development, and oversight to strengthen the Credit Union’s overall security posture. Through collaboration, clear communication, and sound governance practices, you will help foster a strong and sustainable security culture across the organization.
- Member‑Focused Mission: Be part of a not-for-profit organization that reinvests in its members.
- Hybrid and Flexible Schedule Options: This position is Hybrid with 2 days per week required in office.
- Career Growth: We prioritize internal promotions and offer on-the-job training.
- Develop, maintain, and enhance the Credit Union’s information security governance framework in alignment with NIST, NCUA, and FFIEC guidelines.
- Establish and monitor security policies, standards, and procedures to ensure compliance with regulatory requirements and industry best practices.
- Provide regular updates to Executive Management, Risk Committees, and the Board on the Credit Union’s information security posture.
- Collaborate with IT, Risk, and Compliance teams to align security initiatives with business objectives.
- Oversee risk assessments, control testing, and assurance activities for Information Security.
- Identify, assess, and monitor information security risks across the Credit Union.
- Maintain and update the Information Security Risk Register and ensure alignment with enterprise risk appetite. Recommend risk treatment strategies and validate remediation plans for identified gaps.
- Provide independent oversight and challenge to 1st Line IT and business units regarding security controls and risk mitigation.
- Monitor and report on key risk indicators, vulnerabilities, and emerging threats to Executive Management and Risk Committees.
- Manage the development, oversight, and continuous improvement of the Credit Union’s Incident Response Program.
- Conduct periodic tabletop exercises to test the effectiveness of the IRP.
- Coordinate with legal counsel, Compliance, and internal stakeholders for any legal and/or regulatory notifications.
- Design and implement a comprehensive security awareness program for employees, contractors, and vendors.
- Promote a strong security culture through regular training, phishing simulations, and targeted campaigns.
- Measure and report on the effectiveness of awareness initiatives and cultural improvements.
- Stay current on emerging technologies, threats, and regulatory changes impacting information security.
- Manage and mentor a team of information security professionals, fostering a culture of accountability and continuous improvement.
- Develop staff capabilities through training, coaching, and performance management.
- Bachelor’s degree in Cybersecurity, Computer Science, Programming, or a similar field is preferred, or a combination of training, education, and experience may be considered. Experience working in a financial institution is preferred.
- 10 years’ experience in Information Security or related field. 3+ years’ demonstrated experience in building, developing, and managing high-performance teams.
- Experience in assessing and ensuring the effectiveness of an information security program.
- Advanced knowledge of industry standards adopted by ISO, NIST, COSO, FFIEC,…