Talent.com
UFCU
Director, Information SecurityUFCU • Austin, TX, USA
Director, Information Security

Director, Information Security

UFCU • Austin, TX, USA
30+ days ago
Job type
  • Full-time
Job description

Job Summary

The Director of Information Security is a collaborative partner that seeks opportunities to learn and engage across the organization. The Director will direct and evolve UFCU’s enterprise information security and cyber risk program while enabling secure innovation and outstanding Member experiences.The Director works closely with senior leaders to outline and execute company goals and is responsible for defining and executing UFCU’s information security strategy, cyber and technology risk posture, and operational resilience. This role serves as a trusted advisor to executive leadership and the Board, championing a member‑first, security‑by‑design culture that safeguards trust while supporting growth and innovation. This position is based in Austin, Texas and requires frequent onsite engagement at UFCU Plaza to support executive collaboration, enterprise risk governance, cross-functional partnership, and operational leadership across the organization.

The Director develops and drives a proactive, collaborative partnership understanding team needs, creating engaging conversations, monitoring partner feedback, and identifying trends and opportunities to advance UFCU’s overall business strategy and vision. The Director, Information Security position is an exempt role and reports to the Chief Technology Officer and leads the Information Security team.

About UFCU

Our Credit Union was founded in 1936 and has grown to serve members throughout Texas and beyond. At UFCU, we are more than just a financial institution, and our people are more than just employees. We are dedicated to our purpose of empowering our Members to achieve financial success and build brighter futures.

In pursuit of our aspiration that UFCU is loved by millions of Members and built to thrive for generations, we are guided by our values:

Purposefully Member-Obsessed

We are driven by a profound sense of empathy to deeply understand our Members’ needs and preferences, what brighter futures means to them, and the obstacles in their way. We act in our Members’ best interests, forever seeking to empower their financial success.

Possibilities Reimagined

We are inspired to courageously experiment, learn, and iterate in pursuit of positive impact for our Members, UFCU, and coworkers. We challenge assumptions, embrace diverse perspectives, and make use of data and insights.

Performance Excellence Rooted in Unwavering Integrity

We do the right thing, always. We champion teamwork, accountability, continuous improvement, and celebrate successful outcomes of others, fostering an inclusive environment of excellence and collaboration.

Essential Functions

Enterprise Security Strategy & Leadership

  • Define and own UFCU’s enterprise information security and cyber risk strategy, roadmap, and policies in alignment with business objectives, risk appetite, budgets, and regulatory expectations
  • Lead the design, implementation, and operation of a comprehensive cyber security program covering governance, architecture, infrastructure, networking, cloud security, application security, IAM, vulnerability management, and security operations
  • Embed security‑by‑design practices into digital banking, payments, and member‑facing platforms by partnering with Technology, Product, and Enterprise Risk teams

Cyber Risk, Compliance & Governance

  • Establish and maintain an effective information security governance framework, including standards, policies, and leadership forums that align cyber security priorities with enterprise goals
  • Ensure compliance with applicable regulatory and industry frameworks, including NCUA guidance, GLBA Safeguards Rule, NIST, ISO, and PCI (as applicable)
  • Lead internal and external examinations, audits, and assessments; oversee remediation plans and ensure sustainable closure of findings Oversee identification, assessment, and treatment of cyber and technology risks
  • Partner with Technology, Risk, and business leaders to support business continuity, disaster recovery readiness, cyber resiliency, and enterprise operational resilience initiatives.
  • Present cybersecurity risks, trends, incident readiness, and strategic recommendations to executive leadership, risk committees, and other governance groups as needed.

Security Operations & Resilience and Third Party & Data Protection

  • Provide executive oversight of day‑to‑day cyber security operations, including threat monitoring, detection, and response across enterprise cyber security platforms
  • Own and mature UFCU’s incident response and crisis management framework, ensuring effective coordination, communication, and executive reporting
  • Partner with peer leaders to ensure the effectiveness and resilience of critical services
  • Lead information security components of third‑party risk management
  • Oversee data protection, privacy controls, and secure data‑sharing practices across the data lifecycle in collaboration with Legal, Compliance, and Data & Insights teams

Team Leadership and Development

  • Build, lead, and develop a high‑performing information cyber security organization across Governance, Risk, Compliance, Engineering, Architecture, and Security Operations
  • Serve as a role model in transparent communication, two-way dialogue, and proactive communication to the team.
  • Build a successful team to operate according to UFCU guiding principles, providing guidance and resources and removing obstacles as needed.
  • Provide team leadership based on servant leadership principles, caring for the whole person.
  • Plan, monitor, and appraise job results with an emphasis on coaching and developing employees to achieve desired performance results.
  • Help teams achieve their career goals. Ensure team members understand how to have an impact and are aware of that impact when they've made it.

Strategic and Executive Business Partner

  • Collaborate across Technology, Digital, Operations, Risk, Compliance, and Member‑facing teams to balance security, experience, and innovation
  • Serve as UFCU’s senior cyber security advisor to executives and the Board, translating technical risk into clear business impact and investment decisions. Communicate program, progress, risk posture, investment using metrics-driven reporting
  • Collaborate with business partners to determine future needs and support necessary to achieve business unit strategy. Network with other financial institutions and cyber risk leaders to learn and share best practices

Strategy Development/Strategic Planning

  • Collaborate with senior leaders and actively participate in the organizational strategic planning process.
  • Develop Information Security strategies in partnership with executive leadership to drive achievement of Credit Union and department goals.
  • Monitor and evaluate department progress toward stated goals and make adjustments as needed based on business and department needs. Facilitate procurement of tools and resources to achieve organizational and department strategic priorities.

Budgetary Oversight/Expense Management

  • Establish Information Security annual budget with identification of planned expenses for new or enhanced programs and services.
  • Ensure effective control of results. Take action to guarantee achievement of departmental objectives that fall within designated budgets.
  • Monitor expenses on a monthly basis to evaluate versus budget using strong financial management skills. Take action to make adjustments as needed based on organizational and department priorities.
  • Collaborate with senior leaders on development of organizational annual budget in alignment with strategic objectives.

Other

  • Perform other duties as assigned.
  • Adhere to all organizational policies, procedures, and business ethics codes.
  • Complete required regulatory training as assigned.
  • Maintain strict adherence and compliance to all laws, rules, regulations, policies, procedures, and internal controls specific to the role, including but not limited to the Bank Secrecy Act, Anti-Money Laundering, USA Patriot Act, OFAC, and Fair Lending regulations.

Knowledge/Skills/Abilities

Team Building and Leadership

  • Strategic and operational leader with the ability to remain closely connected to evolving technologies, cybersecurity operations, and organizational priorities while developing high-performing teams.
  • Proven ability to create a high-performance climate through talent identification, recruitment, and retention.
  • Strong and demonstrable leadership skills with the ability to inspire and motivate others and define vision, set priorities and execute complex multi-year roadmaps.
  • Proven ability to build a team of diverse talents that complement one another.
  • Proven ability to hold themselves to the highest standard of integrity and personal behavior.

Building Relationships and Using Influence

  • Exceptional stakeholder and interpersonal skills with the proven ability to influence senior level management and key stakeholders.
  • Strong ability to recognize nuances in others and leverage this understanding for a more influential impact on the team.
  • Effective communicator, listener, and presenter, with the ability to work with various levels of the organization.
  • Adept at maintaining effective relationships with internal departments external business and community partners, and others key stakeholders.
  • Strong collaboration and program management skills with ability to translate technical security risks into clear, actionable business language for executive leadership and the Board

Executing for Results

  • Possess a proven delivery track record and exceptional service orientation.
  • Adept at translating the mission of the organization into actionable, quantitative plans.
  • Possess high levels of energy and persistence.
  • Rigorously hold oneself and others accountable for achieving high levels of individual and organizational performance.

Business Acumen

  • Deep knowledge of information security, cybersecurity risk management, and operational resilience within regulated financial institutions
  • Strong working knowledge of applicable regulatory and industry frameworks and understanding of modern banking and fintech technologies, including digital banking platforms, mobile applications, payments, APIs, cloud services, and third‑party ecosystems
  • Ability to balance security, regulatory compliance, member experience, and business agility in a rapidly evolving threat landscape
  • Ability to make sound risk‑based decisions under pressure and during high‑impact incidents or regulatory scrutiny with ability to evaluate decisions in terms of impact to the business.
  • Ability to articulate ideas to both technical and non-technical audiences and translate technical security risks into clear, actionable business language for executive leadership and the Board

Core Competencies

  • Delivering Member Obsession
  • Seeks to understand customers
  • Identifies customer service issues
  • Drives member-focused practices
  • Assures member satisfaction
  • Delivering Performance Excellence
  • Maintains focus
  • Measures progress and outcome
  • Ensures accountability
  • Delivering Innovation
  • Inspires curiosity
  • Challenges current thinking
  • Supports experimentation
  • Advances ideas to the next stage
  • Delivering Empowered Leadership Develops direction Builds team trust Identifies opportunities to share responsibility Informs the team Supports the team

Experience

Minimum Requirements

  • Bachelor’s degree in Information Security, Computer Science, Information Systems, Engineering, Business or relevant field of study or equivalent combination of education and experience
  • Minimum of ten (10) years of related experience in information security or related technology disiplines
  • Minimum of seven (7) years of management and supervisory leadership experience developing and leading teams with direct reporting relationships
  • 5–7+ years of experience leading cybersecurity teams with accountability for strategy, budget, and vendor management
  • Prior experience in a senior security leadership role (Director, Head of Security, Deputy CISO, or CISO), preferably within financial services or another regulated industry
  • Experience supporting regulatory examinations, audits, and remediation activities within regulated financial environments
  • Relevant industry certification required (CISSP, CISM, CISA, CRISC, GIAC, or equivalent).
  • Must be bondable

Preferred Requirements

  • Master’s degree in information security, Computer Science, Information Systems, Engineering, Business or relevant field of study
  • Minimum of five (5) years of demonstrated strategic leadership experience
  • Experience working in or with credit unions, community banks, reginal financial institutions or regulated environments
  • Hands-on exposure securing digital banking, mobile, payments, account opening and contact center platforms
  • Demonstrated success building or maturing security programs aligned to NIST CSF, ISO, FFIEC, and SOC frameworks
  • Additional certifications such as GIAC, CEH, CCSP or cloud security certifications

Physical Demands

The physical demands described are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Frequent

  • While performing the duties of this job, the employee is regularly required to sit; use hands to finger, handle or feel; reach with hands and arms; and talk or hear.
  • Specific vision abilities required by this job include close vision, distance vision, peripheral vision, and ability to adjust focus.
  • Employee will make extensive use of the telephone and virtual communications requiring the ability to explain complex information effectively and accurately.

Work Environment

The work environment characteristics described are representative of those an employee encounters while performing the essential functions of this job.

  • This position is required to frequently work at UFCU Plaza in Austin, Texas.
  • This position may involve periodic stressful
  • May occasionally require an adjusted work schedule, overtime, and evening/weekend
  • May occasionally involve public contact, requiring appropriate professional appearance.
  • Frequent computer use at a workstation for multiple hours at a
  • The noise level in the work environment is usually moderate
Create a job alert for this search

Director, Information Security • Austin, TX, USA

Similar jobs

Information Security Analyst

TradeJobsWorkForce78779 Austin, TX, US
Full-time

Monitor their organization’s networks for security breaches and investigate a violation when one occurs Install and use software, such as firewalls and data encryption programs, to protect sensitiv... Show more

 • Promoted

Compliance Director

TradeJobsWorkForce78766 Austin, TX, US
Full-time

Compliance Director Job Duties: Accomplishes compliance human resource strategies by determining acco... Show more

 • Promoted

Deployment Safety Risk Manager, Technology Deployment (TD)

Amazon Technologies, Inc.Austin, TX, United States
Full-time

Are you inspired by invention? Is problem solving through teamwork in your DNA? We apply advances in robotics and software to solve real-world problems that delight our customers' experiences in wa... Show more

 • Promoted

Product Manager, Threat Intelligence (Remote US)

AnomaliAustin, TX, United States
Remote
Full-time

Product Manager, Threat Intelligence (Remote US)Anomali is headquartered in Silicon Valley and is the Leading AI-Powered Security Operations Platform that is modernizing security operations.At the ... Show more

 • Promoted

Cybersecurity Manager - Cyber Threat Intel (Remote)

Home Depot Management Company, LLCAustin, TX, United States
Remote
Full-time

Position Purpose :The Cyber Threat Intelligence Manager leads the development and execution of threat intelligence strategies to proactively identify, assess, and mitigate cyber threats.Develop and... Show more

 • Promoted

Security Technical Account Manager - US Remote - EST or CT

FastlyAustin, TX, United States
Remote
Full-time

Security Technical Account Manager - US Remote - EST or CTJoin to apply for the Security Technical Account Manager role at FastlyFastly helps people stay better connected with the things they love.... Show more

 • Promoted

Senior Security Architect

TradeJobsWorkForce78741 Austin, TX, US
Full-time

Senior Security Architect Job Duties: Enhances security team accomplishments and competence by planning deliver... Show more

 • Promoted

Director of Engineering

White Lodging Services CorporationAustin, TX, US
Full-time

Location: Westin Austin Downtown.White Lodging develops and operates a portfolio of award-winning, premium-brand hotels, rooftop bars, and restaurants in some of the country’s best cities to live.W... Show more

Information Security Specialist (Remote)

N. Harris Computer Corporation - USAAustin, TX, United States
Remote
Full-time

The Harris Corporate IT Team is seeking an Information Security Specialist to join our team!You will participate in evaluating, developing, and implementing security tools, standards, procedures, a... Show more

 • Promoted

Solutions Engineer - Cloud, CDN & Internet Security (Public Sector, Remote Southeast)

KORE1Austin, TX, United States
Remote
Full-time

KORE1, a nationwide provider of staffing and recruiting solutions, has an immediate opening for a Solutions Engineer - Cloud, CDN & Internet Security (Public Sector) for the Southeast region.Av... Show more

 • Promoted

Director of Customer Success (Remote, US-Based)

LiquibaseAustin, TX, United States
Remote
Full-time

Job DescriptionJob DescriptionOverviewLiquibase is the leader in Database DevOps.Downloaded more than 100 million times, our software enables DevOps teams around the globe to accelerate the softwar... Show more

 • Promoted

Security Practice Lead (Nationwide)

Presidio Networked Solutions, LLCAustin, TX, US
Full-time

Presidio, Where Teamwork and Innovation Shape the Future.AtPresidio, we're at the forefront of a global technology revolution, transforming industries throughcutting-edge digital solutions and next... Show more

 • Promoted

Director Of Instructional Design Training Operations - Remote

Maximus Inc.Austin, TX, United States
Remote
Full-time

We are seeking a Strategic and Visionary Learning & Development Director to lead the development and implementation of enterprise-wide learning strategies and scalable instructional ecosystems.... Show more

 • Promoted

Director of SMB Servicing Operations - North America

PayPalAustin, TX, United States
Full-time

The Company PayPal has been revolutionizing commerce globally for more than 25 years.Creating innovative experiences that make moving money, selling, and shopping simple, personalized, and secure, ... Show more