VP, Cyber Assurance & Defense
Broadview Federal Credit Union · Albany, NY · 1 mo ago
Engineering$200k–$250k/yrFull-time
Summary of Role
The Vice President of Cyber Assurance and Defense is responsible for designing, operating, and maturing a comprehensive, risk-based cyber assurance and defense program for a complex, highly regulated financial institution.
Cyber Assurance & Defense Leadership
- Provide oversight of the Cyber Assurance & Defense function (includes Cyber Defense and Identity Governance)
- Defensive security monitoring and detection
- Offensive security (penetration testing, red/purple teaming)
- Digital forensics and investigations
- Identity and Access governance (IAG)
- Act as the technical security expert, independently validating initiatives/project situations, security control design, effectiveness, and sustainability
Program Maturity & Continuous Improvement
- Design and execute a multi-year cybersecurity maturity roadmap addressing:
- Vulnerability and exposure management
- Security architecture and technical design reviews
- Security tool rationalization and roadmap planning
- Early warning detection capabilities using SIEM and UEBA
- Deception technologies and advanced detection engineering
- Mature security capabilities from ad-hoc to defined, repeatable, and measurable, with regulator defensible documentation and evidence
Cyber Defense, Detection & Incident Response (IR)
- Enhance and oversee the Cybersecurity Incident Response Team (CIRT) program
- Maintain updated IR plans, playbooks, and runbooks to align with evolving threats
- Define roles and escalation paths
- Executive and regulator communication standards
- Tabletop exercises and live simulations
- Oversee forensic investigations involving:
- Endpoint, network, cloud, and SaaS platforms
- Insider threat activity
- Credential misuse and account compromise
- Ensure lessons learned are operationalized into control improvements
Identity & Access Governance (IAG)
- Architect and lead a centralized enterprise IAG program
- Encourage Role Based Access Control (RBAC) least privilege enforcement
- Segregation of duties (SoD)
- Privileged Access Management (PAM)
- Assess, select, and implement user access governance platforms appropriate for financial services scale and risk
- Centralize access risk decisions based on application criticality, data sensitivity, and regulatory impact
Risk Identification, Assessment & Reporting
- Identify emerging cyber threats and systemic risks impacting:
- Core banking systems
- Cloud (AWS) and SaaS platforms (Microsoft 365)
- Digital channels and member facing technologies
- Translate technical findings into clear risk statements with prioritized remediation recommendations
- Develop cyber risk metrics, KRIs, and dashboards to:
- Inform senior leadership and board committees
- Optimize investment decisions
- Demonstrate risk reduction over time
Technology, Cloud & Secure Engineering Advisement
- Review and challenge technology controls across are required:
- Network and infrastructure
- Cloud (AWS IaaS/PaaS)
- SaaS (Salesforce Shield, Microsoft 365 E5)
- DevSecOps pipelines and CI/CD tooling
- Ensure security is embedded in (security by design):
- System acquisitions
- Projects and initiatives
- Software development lifecycles
- Change and release management
- Provide guidance on secure AI usage, automation, and emerging technologies
People Leadership & Executive Partnership
- Build, lead, and mentor a team of highly technical cybersecurity practitioners capable of:
- Threat modeling and attack simulation
- Detection engineering
- Forensic analysis
- Technology and security control validation
- Serve as a trusted advisor to leadership and peers
- Communicate complex security concepts clearly to both technical and non-technical stakeholders
Minimum Job Qualifications
- 15+ years of progressive, hands-on technical information security experience in financial services or similarly regulated industries
- Ability to deliver risk-focused recommendations balancing cost and benefit
- 5+ years at a VP level or equivalent senior leadership role managing enterprise-scale cybersecurity programs
- 10+ years leading highly technical security teams, including direct involvement in:
- Forensic investigations
- Ethical hacking / penetration testing
- SIEM/SOC operations and threat analysis
- Incidence response
- ED/EXR
- Security tool implementations
- Experience operating under FFIEC, NCUA, CFPB, NYS DFS Cybersecurity, GLBA, PCI and regulatory scrutiny
- Technical Expertise (Required)
- Network, endpoint, and application security
- Cryptography, key management, and data protection
- Cloud security (AWS IaaS/PaaS)
- SaaS security controls
Technical Expertise (Preferred)
- CISSP
- CEH
- AWS Security
- GICSP
- OSCP
Starting Compensation
$200,000-$250,000, plus a competitive benefits package.