VP Cyber Security Threat & Vulnerability Management

If you are motivated and believe in the credit union philosophy of "People Helping People," join our team!

Position Overview:

SECU is seeking a highly motivated and experienced senior leader for the Vice President, Cyber Security Threat & Vulnerability Mgmt to strategically lead four security programs including Cyber Threat Intelligence (CTI), Offensive Security Testing, Vulnerability Management, and Application Security programs. As an experienced senior strategic leader and self-starter, with direct experience in these programs, you will be responsible for the strategic planning, leadership, delivery, and tactical support of these critical security functions.

In this leadership position, you will mature and direct multiple teams of cyber security analysts, cybersecurity engineers, and third parties driving a risk-based approach to analyzing cyber threat intelligence and proactively identifying and responding to vulnerabilities based on the evolving threat landscape. Your primary focus will be to prioritize remediation efforts with urgency, reduce risk exposure and threat dwell time, influence Application owners in security best practice, and mature our overall security posture by leading offensive security strategies to ensure control and response team effectiveness. These responsibilities include overseeing static and dynamic code analysis, penetration testing, red and purple team exercises, and ensuring the effective remediation and validation of identified security gaps.

This leadership role demands exceptional verbal and written communication skills, strong strategic collaboration abilities, a proven track record of developing both team and technical capabilities, and the ability to forge strong partnerships across the Credit Union.

Essential Responsibilities:

• (20%) Strategically lead and direct the Application Security, Cyber Threat Intelligence, Vulnerability Management, and Offensive Security assurance testing programs.
• (20 %) Build, develop, and manage a high-performing team of cybersecurity analysts and cybersecurity engineers.
• (20 %) Establish and drive a risk-based approach to vulnerability management and threat intelligence for effective prioritization and remediation.
• (15%) Lead the offensive security strategy, including advanced testing methodologies, to identify and address security weaknesses.
• (15 %) Ensure the effective remediation and validation of identified security vulnerabilities and gaps.
• (10 %) Develop strong cross-functional partnerships and provide clear, risk-based reporting to stakeholders.

Required Education & Experience (Knowledge, Skills, & Abilities):

• Bachelor’s degree and 7 years of direct experience with at least 1 year of experience in a leadership role. Must have Information technology and/or financial Institution or related field experience.
• 7 years required of combined security work experience with broad exposure to Cyber Threat Intelligence and Vulnerability Management.
• Expertise in vulnerability management, bringing assertive expert leadership and guidance to teams in patching and vulnerability remediation.
• Experience with vulnerability scanning and reporting solutions
• Experience with various Cyber Threat Intelligence service providers and capabilities.
• Strong experience in Application Security including Application development and analysis, SAST, DAST, and Secure Development Practices and OWASP. 

Preferred Education & Experience (Knowledge, Skills, & Abilities):

• Bachelor’s degree in computer science, Information Systems or at least 7yrs of experience in related field.
• Knowledge of modern enterprise and security architectures, their challenges, common approaches to overcome their challenges, and their inherent security strengths and weaknesses.
• Professional certifications such as: CISSP, CISA, CISM, GIAC, CGEIT, CRISC, OSCE, or other relevant industry certification and/or desire to obtain such certifications.

Job Environment & Physical Requirements:

• Hybrid work environment; 2 days on location in Raleigh, NC
• Able to work all hours scheduled, including unscheduled overtime as directed by manager/supervisor and required by business need.

SECU provides equal employment opportunity to all qualified persons regardless of race, color, religion, age, sex, sexual orientation, gender identity, national origin, genetic information, disability, veteran status, or other classification protected by law.

Disclaimer

State Employees' Credit Union reserves the right to fill this role at a higher/lower level based on business need.