
Principal Information Security Governance & Risk Management (Security Risk Assessment) - AO

Pensacola, Florida
Job Type
14 Jul 2022

You have goals, dreams, hobbies and things you're passionate about.

What's Important to You Is Important to Us

We're looking for people who not only want to do meaningful, challenging work, keep their skills sharp and move ahead, but who also take time for the things that matter to them: friends, family and passions. And we're looking for team members who are passionate about our mission: making a difference in military members' and their families' lives. Together, we can make it happen.

Don't take our word for it.

  • Military Times 2021 Best for Vets Employers
  • WayUp Top 100 Internship Programs
  • Forbes 2021 The Best Employers for New Grads
  • Forbes America's Best Employers
  • Newsweek Top 100 Most Loved Workplaces
  • 2021 People Companies that Care
  • Fortune Best Workplaces for Women
  • Fortune 100 Best Companies to Work For
  • Fortune Best Workplaces for Millennials
  • Computerworld Best Places to Work in IT

Basic Purpose

The Security Risk Assessment Principal supports Navy Federal Credit Union's (NFCU) Security Department in effectively managing the 1st Line of Defense internal control environment through the execution of the Risk Control Self-Assessment (RCSA) program. In collaboration with business process owners, the lead role proactively builds and maintains process maps and risk and control matrices to identify, assess, monitor, update and report out operational risks. This role includes effective partnership with risk partners and process owners within the Security Department and throughout the enterprise as RCSAs are coordinated, facilitated, completed and reviewed. The Principal will also partner with Control Testing and Issue and Event Management functions within the 1st Line Security Governance and Risk Management line of business.

Responsibilities

  • Develop and manage a program that proactively identifies and assesses new business initiatives to ensure the associated risks have been appropriately identified and the corresponding control environment is strong, in advance of the initiative going live.
  • Partner with stakeholders, including process owners and control officers, to document processes (via process flows), risks and controls, enhance control language, and assist to develop/maintain test scripts that validate controls are being performed in compliance with policies, standards, procedures, and other requirements to mitigate security-related risks (i.e., information security, fraud, physical security, BSA-AML, and sanctions compliance)
  • Support the execution of front line controls, self-assurance, and risk assessment activities (ad-hoc controls review, business process management (BPM), risk control self-assessment (RCSA), and independent risk and audit activities) as directed
  • Provide ongoing assessment of Security's risk profile through regular monitoring and status reporting of risks, issues, events and initiatives within core processes
  • Support iterative review and challenge of assessment results, working with appropriate stakeholders across the lines of defense
  • Perform and facilitate the collection, review and assimilation of RCSA assessment data and reporting into concise and meaningful reports
  • Assess exposure to risk, measure operational risk against ERM frameworks, assist establishing policies and procedures to minimize risk, identify ways to protect the organization from data loss and reputational damage
  • Coordinate efforts with Security's Issues and Events Management and Control Testing functions, to continually update control effectiveness and residual risk rating of Security's business processes as needed
  • Support implementation for change management needs with appropriate personnel within the Division and/or across divisional lines
  • Monitor and oversee the progress of risk assessments; address and resolve complex issues
  • Assist with Operational Risk event remediation efforts when needed
  • Serve as a subject matter expert with internal and external auditors (e.g., NCUA, CFPB, and contracted third parties) to address and resolve audit questions and findings relative to core process risk management
  • Support the testing of control design and the testing of control effectiveness for assigned areas as needed
  • Identify areas of improvement in existing process, methodology, and policies. Identify gaps and recommend enhancements.
  • Drive, adopt and enforce best practices in report templates and tools
  • Coordinate required meetings, reviews and scheduling needs
  • Perform other duties as assigned

Qualifications and Education Requirements

Required:

  • Degree in Business Administration, Economics, Mathematics, Computer Science, Engineering, Auditing, Law or related field or equivalent combination of training, education and experience
  • Advanced knowledge and understanding of risk-based auditing techniques and methodologies
  • Advanced knowledge of operational risk controls, concepts and practices and/or Information Security specific frameworks
  • Proven experience working within cross-functional, multi-dimensional teams and projects of complexity which have business risk and impact
  • Proven ability to plan, organize and effectively execute risk mitigation and process improvement initiatives
  • Advanced organizational, planning and time management skills in order to multi-task competing priorities in a fast paced and dynamic environment
  • Ability to comprehend, analyze, interpret, communicate and apply government and financial industry regulations related principles and practices, and company instructions, procedures and policies
  • Ability to work independently and in a team environment
  • Effective analytical and complex thinking skills to include summarizing information and clearly identifying key elements, patterns, results or relationships
  • Significant experience in collaborating across organizational boundaries and building partnerships across various functions

Desired Qualifications and Education Requirements

  • Working knowledge of Navy Federal's products, services, programs, policies and procedures
  • ORM, CISA, CISSM, CSPO, CDSPE certifications
  • Lean Six Sigma Black Belt or equivalent process mapping experience
  • Advanced knowledge of state and Federal laws; industry regulations, principles, and practices; and company policies that govern the business unit's products/services

Hours: Monday - Friday, 8:00AM - 4:30PM

Location: 820 Follin Lane, Vienna VA; Heritage Oaks Dr Pensacola, FL; Security Dr. Winchester, VA 22602; Remote

Salary: $95,600 - $163,500

Navy Federal Credit Union assesses market data to establish salary ranges that enable us to remain competitive. You are paid within the salary range, based on your experience, location and market position.

Navy Federal is now hybrid! Our standard enterprise requirement for a hybrid schedule is to report onsite 4-16 days each month. The number of days reporting onsite will ultimately be determined by the employee's leadership and business unit needs. You will learn more throughout the hiring and onboarding process.

Equal Employment Opportunity

Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/Disability

COVID-19 Vaccine Information

As a COVID-19 safety measure, our employees must either provide proof of COVID-19 vaccination or follow additional safety protocols, including testing.

Disclaimer

Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position.

Bank Secrecy Act

Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.

Employee Referrals

This position is eligible for the TalentQuest employee referral program. If an employee referred you for this job, please apply using the system-generated link that was sent to you.




  • Job Reference: 658159880-2
  • Date Posted: 14 July 2022
  • Recruiter: Navy Federal Credit Union
  • Location: Pensacola, Florida
  • Salary: On Application
  • Sector: Government & Defence
  • Job Type: Permanent