Overview

　　To conduct Information Security contract oversight and reviews, and support negotiation of information security terms and obligations in contracts with a variety of third parties presenting security risks to Navy Federal. Ensure that appropriate contractual obligations are in place with third parties who present information security risk to Navy Federal. Apply skills and job knowledge in area of specialization and adapts procedures, operations, techniques, tools, materials, and/or equipment to meet needs of area of specialization. Act as primary point of contact for contract review requests and quickly process intakes.

　　Responsibilities

　　Draft, review, interpret, and advise on information security contract language for third parties including: data safeguards; audit rights; data and asset use; change control management; network security; threat management; application security; encryption, hashing, and data masking; access control; authentication measures; security breaches; data location, storage, and destruction; and sub-contracting risks

　　Process and record requests for assistance, organize document libraries, and ensure requests are handled within acceptable service level agreements (SLAs)

　　Identify and propose means of reducing business unit exposure to information security and contract risks

　　Gain knowledge of information security best practices and industry trends and apply them to contract reviews and negotiations

　　Identify ineffective, inadequate, or absent third-party information security contract language and quantify the risk to Navy Federal

　　Perform high quality contract reviews and communicate results to contract stakeholders and leadership

　　Lead Agile/scrum activities supporting the delivery of program enhancements and execution of special projects

　　Build and maintain strong relationships with team members, leadership, Procurement, key business unit stakeholders, and third parties

　　Provide support to peer analysts for consultation and questions on technical controls and third-party oversight

　　Qualifications

　　Bachelor's degree in Information Systems, Computer Science, Engineering, or related field, or the equivalent combination of education, training, and experience

　　Advanced organizational skills and experience with scrum and agile methodology (e.g experience with Azure DevOps, SharePoint, Power BI, etc.)

　　Solid hands-on experience with contract review, interpretation, and drafting

　　Familiarity with third party risk management and/or information security topics

　　Advanced organizational skills and attention to detail

　　Strong verbal and written communication and presentation skills

　　Demonstrated project management skills

　　Advanced research, analytical, critical and problem-solving skills

　　Advanced skill in interpreting regulations, instructions, procedures, and policies

　　Advanced skill analyzing and organizing problems or work processes for technical solutions

　　Desired Qualifications:

　　Juris Doctor or Bachelor’s degree in Information Security, Cyber Security, Information Technology, or related field

　　Knowledge regarding IT, networking, cloud services, and other technically complex topics.

　　Knowledge of NCUA and FFIEC regulations, NIST guidance, GLBA, PCI and other information security requirements and frameworks

　　Experience with Agile methodology or Kanban board ticketing and tracking

　　Advanced knowledge of Navy Federal's functions, philosophy, operations and organizational objectives

　　Professional Information Security certification (CISSP, CISA, CISM, CRISC)

　　Hours: Monday - Friday, 8:00AM - 4:30PM

　　Location: 820 Follin Lane, Vienna, VA 22180 | 5550 Heritage Oaks Dr. Pensacola, FL 32526 | 141 Security Dr. Winchester, VA 22602

　　About Us

　　You have goals, dreams, hobbies, and things you're passionate about—what's important to you is important to us. We're looking for people who not only want to do meaningful, challenging work, keep their skills sharp and move ahead, but who also take time for the things that matter to them—friends, family, and passions. And we're looking for team members who are passionate about our mission—making a difference in military members' and their families' lives. Together, we can make it happen. Don't take our word for it:

　　• Military Times 2022 Best for Vets Employers

　　• WayUp Top 100 Internship Programs

　　• Forbes® 2022 The Best Employers for New Grads

　　• Fortune Best Workplaces for Women

　　• Fortune 100 Best Companies to Work For®

　　• Computerworld® Best Places to Work in IT

　　• Ripplematch Campus Forward Award - Excellence in Early Career Hiring

　　• Fortune Best Place to Work for Financial and Insurance Services

　　Equal Employment Opportunity: Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/Disability EOE/AA/M/F/Veteran/Disability

　　Disclaimers: Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position. Job postings are subject to close early or extend out longer than the anticipated closing date at the hiring team’s discretion based on qualified applicant volume. Navy Federal Credit Union assesses market data to establish salary ranges that enable us to remain competitive. You are paid within the salary range, based on your experience, location and market position

　　Bank Secrecy Act: Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.

　　REQNUMBER: 15869-OTHLOC-300000025800044