Logo
PenFed Credit Union

Director, Tech & Cyber Audit

PenFed Credit Union, Mc Lean, Virginia, us, 22107


Overview

Are you looking to take your career from good to great? As an employee of PenFed, every day is an opportunity to thrive, and be part of a team working to ensure our organization is providing world-class service to our members, employees, and our communities. We exist to help our members realize their full potential, educate and encourage their dreams, and make every effort to follow our mission and help our members “do better.” Joining PenFed is more than being an employee; it’s about being a part of the PenFed family.PenFed is hiring a (Hybrid) Director, Tech & Cyber Audit at our Tysons, Virginia location. The primary purpose of this job is to lead the technology and cyber audit portfolio for PenFed’s Internal Audit department. The role is a leadership position responsible for the development and execution of a risk-based audit plan that addresses the significant risks relevant to the assigned departments. The role is responsible for developing/maintaining strong relationships with assigned business partners to obtain an understanding of the risks facing the credit union and stay aware of new developments impacting the business. Additionally, the role will be responsible for leading, directing, evaluating, and developing audit professionals to ensure audit activities are conducted to high standards of accuracy, rigor, and credibility and according to regulations and industry standards.Responsibilities

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. This is not intended to be an all-inclusive list of job duties and the position will perform other duties as assigned.In conjunction with the Senior Vice President (SVP), develop and execute a comprehensive audit plan for the assigned departments that addresses key regulatory requirements, relevant emerging trends and mitigates potential risk. Areas of audit responsibility include technology areas such as system development, incident management, IT asset management, change management and cyber areas such as data security, security operations, vulnerability management, and identity and access management.Monitor the assigned audit universe for changing risks and identify and address audit coverage requirements.Develop and deliver the risk-based annual Cyber and Technology audit plan by forecasting audit hours and balancing staffing requirements, due dates, and stakeholder availability.Provide oversight in the audit plan execution through proactively and independently reviewing and providing audit teams guidance on audit scope, risk and controls, testing procedures, and formulating audit results.Support Internal Audit’s strategic direction by proactively monitoring emerging cyber threats and the changing regulatory environment and understand the impact to PenFed’s operations.Direct and lead technology related audits within the assigned portfolio; business integrated audits and targeted audits focused on platform initiatives across assigned portfolios.Develop the audit team through on-the-job training, real-time feedback, and coaching for career development and audit performance.Effectively communicate complex audit reporting and implications to various levels of management both oral and written.Coordinate with the SVP to prepare and deliver materials and responses for regulators.Assist the SVP with executing and evolving department strategy and governance.Demonstrate commitment to professional growth by assuming progressively more challenging assignments (in-line with standard audit career progression), proactively seeking relevant education and training opportunities, and expanding professional network.Qualifications

An equivalent combination of education and experience is considered.Bachelor's degree required. Business Administration, Cybersecurity, Computer Science, Information Technology, or related degree strongly preferred.Minimum of twelve (12) years of experience assessing the risk of and/or auditing information technology and cyber required.Minimum of five (5) years of direct management experienceDemonstrated ability to manage the cybersecurity and tech audit portfolio independently with minimal supervision, delivering high quality, timely audit reporting and analysis.Strong background in cybersecurity assessments including applying risk management principles to a cybersecurity environment and leveraging cybersecurity frameworks (i.e. ISO/IEC 62443, NIST CSF, NIST 800 series).Prior experience working in the financial services industry strongly preferred.Strong knowledge of regulatory requirements, industry standards, cybersecurity policies, standards, procedures and controls, security strategies and roadmaps, and cybersecurity organization design and implementation.Proven leadership skills with the ability to motivate and lead a team of professionals.Demonstrated knowledge of and ability to apply auditing standards to a financial services environment. Including the ability to effectively perform root cause analysis.Prior experience developing and delivering written and oral communications to senior level executives and regulators.Strong project management skills, with the ability to proactively prioritize and manage multiple initiatives and deadlines.High ethical standards and a commitment to integrity in all aspects of work.Supervisory Responsibility

This position will supervise employees.Licenses and Certifications

CISA, CISSP, CIA, CPA or other relevant professional designation (required)Work Environment

While performing the duties of this job, the employee is regularly exposed to an indoor office setting with moderate noise.*Most roles require working in an office setting with moderate noise and the ability to lift 25 pounds.*Travel

The ability to travel to various worksites and be on-call may be required.About Us

Established in 1935, PenFed today is one of the country’s strongest and most stable financial institutions with over 2.8 million members and over $36 billion in assets. We serve members in all 50 states and the District of Columbia, as well as in Guam, Puerto Rico and Okinawa. We are federally insured by NCUA and we are an Equal Housing Lender. We are available to members worldwide, via the web, seven days a week, twenty-four hours a day.We provide our employees with a lucrative benefits package including robust medical, dental and vision plan options, plenty of paid time off, 401k with employer match, on-site fitness facilities at our larger locations, and more.Equal Employment Opportunity

PenFed management will maintain and observe personnel policies which will not discriminate or permit harassment or retaliation against a person because of race, color, creed, age, sex, gender, gender identity, gender expression, religion, national origin, ancestry, marital status, military or veteran status or obligation, the presence of a physical and/or mental disability or medical condition, genetic information, sexual orientation, and all statuses protected by applicable state or local law in all recruiting, hiring, training, compensation, overtime, position classifications, work assignments, facilities, promotions, transfers, employee treatment, and in all other terms and conditions of employment. PenFed will also prohibit retaliation against individuals for raising a complaint of discrimination or harassment or participating in an investigation of same.PenFed will also reasonably accommodate qualified individuals with a disability so that they can apply for a job or perform the essential functions of a job unless doing so causes a direct threat to these individuals or others in the workplace and the threat cannot be eliminated by reasonable accommodation or if the accommodation creates an undue hardship to PenFed. Contact human resources (HR) with any questions or requests for accommodation at 402-639-8568.

#J-18808-Ljbffr