Start a Rewarding Career with Alliant
What will your day look like?
You will be responsible for orchestrating the Information Security and Information Technology (IS/IT) Governance and Compliance program to meet the business objectives and needs of Alliant, our members, and teams. Work requires a broad background and experience in IS/IT Governance and Compliance with additional experience with IS/IT Risk Management an advantage. The incumbent matures the IS/IT governance and compliance program and partners with business and technology leads to identify, analyze, and facilitate decision-making and actioning on compliance issues and ensure organizational regulatory and audit readiness. The Senior Manager is responsible for providing key stakeholders and management timely and accurate reporting on the status of compliance, issues and projects.
Resources to do the job require sound and proven leadership ability, strong analytical skills, and technical expertise. In addition, this individual needs strong written and oral communication skills, as well as the ability to translate detailed, technical information into business objectives. The Senior Manager also contributes to the company Information Security strategy and roadmap. General direction is received from the Director - Governance, Risk Management, and Compliance (GRMC).
Responsibilities
Do you see yourself doing this?
- Develop and mature IS Governance and Compliance practices and procedures; operationalize and institutionalize processes.
- Manage and execute projects to ensure design of controls is aligned to compliance/regulatory requirements, including improving existing compliance/regulatory processes and controls.
- Lead the execution of compliance programs around FFIEC, NCUA, HIPAA, NIST, Privacy and GLBA.
- Partner with control owners and stakeholders to gather required documents and address questions.
- Lead compliance assessments and data security governance reviews for internal applications and products as well as service providers utilizing established IT frameworks and assessment programs.
- Prepare and present assessment findings to cross-functional teams such as product, security, application, sourcing, legal and compliance.
- Support timely remediation of regulatory and audit findings and recommendations.
- Lead an operating rhythm to report key metrics including status of assessments, issue management and key gaps in controls.
- Develop IT/IS policies, standards, and procedures and work through the process to get them reviewed, approved and published. Ensure governing documents are aligned with organizational risk appetite, capabilities, and regulatory requirements. Lead training and awareness sessions to explain the requirements to others.
- Responsible for maintaining an IT/IS control library and controls life-cycle management process that meets the organizational and regulatory requirements.
- Participate in other security and audit compliance efforts.
- Interact with multiple cross functional teams to educate, train and address questions related to process, policies, controls and issue remediation.
- Stay current and utilize industry standards and best practices to drive improvements in overall security posture.
- Identify strengths and weaknesses in the security program as they relate to privacy, security, business resiliency and compliance frameworks.
- Ensure organizational regulatory and audit readiness and facilitate resolution of findings and recommendations.
- Partner with strategic vendors and manage relationship with key resources to ensure optimal service levels and work with procurement on contractual requirements.
- Bring visibility to existing organizational issues and drive accountability.
- Mature and formalize the IT Policy Exception process used to identify policy gaps associated with IT applications or projects.
- Lead GRMC-related projects or Information Security projects as needed.
- Lead team members toward achieving team goals including process improvement, continuous compliance improvement and anticipating and navigating roadblocks to achieve success.
- Deliver timely and concise communication, including developing and producing management reporting, illustrating compliance and issue status, trends, and remediation plans.
- Educate Business and IS/IT application owners by leading training sessions and focus sessions to demonstrate IS/IT governance and compliance processes and share industry trends.
- Ensure organization regulatory and audit readiness in regards to governance and compliance programs and facilitate resolution of any associated findings and recommendations.
- Manage and mature the Security Awareness training program including program metrics, incorporating lessons learned into process improvements, making program improvements, and reporting on program.
- Manage and improve the Information Security and sub-team SharePoint sites to communicate information to our Stakeholders.
- Perform other duties & responsibilities as assigned.
Leadership and Performance Management Responsibilities:
- Apply high performance management practices in leading an engaged workforce to effectively deliver the value of this function
- Develop and manage employee engagement strategy while facilitating ongoing, meaningful recognition of team and individual successes
- Demonstrate courage, ability and agility to understand and address organizational transition in real-time; establishing expectations for the unexpected.
- Translate strategic and operating plans into meaningful direction of projects, goals, priorities and activities
- Capture, analyze, and understand the internal environment, team dynamics, and talent capabilities to address organizational refinement, agility and growth.
- Champion Employee/Internal Customer Engagement, employee development and all cultural hallmarks through a strong leadership signature and a growing command of Alliant's leadership competencies.
- Provide a structured and consistent approach to ensure that individual development plans are in place, performance management is consistent, performance management process is respected and followed, and coaching and feedback are provided on a regular and dynamic basis.
- Work with your direct reports and help seek out growth opportunities for your reports; continually challenge reports to maximize their engagement and productivity.
- Help propagate messaging across the organization that fosters a broader knowledge of GRMC, promotes collaboration and influences constructive and positive change.
Adhere to and ensure compliance of all business transactions with policy and process of the Bank Secrecy Act. Ensure compliance with all applicable state and federal laws, company procedures and policies. Maintain integrity and ethics in all actions and conversations with or regarding credit union members and their accounts; comply with Privacy Act directives.
Qualifications
What makes you a great fit?
You'll be a great fit if, in addition to a completed Bachelor's degree (required) and Information Security, Compliance, Risk Management, or Governance certifications (preferred), you have:
- 7+ years' experience leading others, including technical staff, and a proven ability to develop, coach and motivate employees effectively.
- Minimum of 10 years of experience in IT Governance and Compliance.
- Experience in IT GRC required with demonstrated ability to effectively manage the entire IT governance and compliance program, including assurance, assessments, internal, external, and regulatory audits, issue remediation, and reporting.
- Knowledge of regulatory requirements and laws, including but not limited to, FFIEC, NCUA, SOX, GLBA, and Privacy; familiarity with ISO 27001/27002 or NIST is preferred.
- Demonstrates strong analytical skills.
- Exceptional written and verbal communication skills.
- Highly effective project management skills.
- Technical aptitude and ability to work collaboratively with a team.
- Ability to influence, negotiate and build strong partnerships.
- Detail oriented with good time management skills.
- Demonstrated ability to handle multiple assignments simultaneously in a time-bound schedule.
- Excellent organizational and follow up skills
- Effective stakeholder management skills.
- Expert problem solving and decision-making skills.
When you're happy, we're happy!
As a thank you for joining our team, you'll benefit from:
- Competitive medical, dental, and free vision benefits
- Competitive compensation plan
- Contributions towards gym memberships
- Generous PTO and banking holidays off
Still not convinced?
For more details you can also visit our Glassdoor and LinkedIn profiles.