I am...

Summary Information About the Role

SilverEdge is a premier provider of innovative cyber, software and intelligence solutions addressing everyday challenges to meet mission goals across the DOD and Intel Communities and beyond. We are seeking a candidate with Cybersecurity Assessor background. You’ll use your experience to work with national security and intelligence community clients to discover their cyber risks, understand policies, and develop mitigation plans. You’ll review technical and environmental details to assess the entire threat landscape. Then, you’ll guide your client through a plan of action with presentations, whitepapers, and milestones. You’ll work with your client to translate security concepts, directives, and controls into action, so they can make the best decisions to secure their mission-critical systems. This is your opportunity to act as an information security specialist while broadening your skills in leading-edge technologies in support of national security.

​

Company Overview

SilverEdge Government Solutions was founded on the belief that nurturing talent and collaborating closely with our customers enables us to think big and deliver the best for our country. Our mission is to bring top technology talent together to solve the world’s most challenging problems while protecting the United States and our allies. SilverEdge Government Solutions, LLC is an Equal Opportunity Employer, and applicants receive lawful consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.

NA

Required Qualifications

• 3+ years of experience with IT and cybersecurity
• Experience as a Security Control Assessor, ISSO, ISSE, or ISSM
• Experience performing assessment and authorization activities for Intelligence Community or DoD customers
• HS diploma or GED

​

Preferred Qualifications

• 6+ years of experience with IT and cybersecurity
• Experience with ICD 503, CNSS, NIST requirements, processes, and controls, and control implementation
• Experience with cyber defense and vulnerability assessment tools
• Experience with operating systems, platforms, and technologies, including Windows, Linux, cloud, virtualization, or wireless
• Knowledge of customer IT systems, requirements, and processes for information assurance, assessment, and authorization activities
• Ability to work independently and as part of a team
• Possession of excellent verbal and written communication skills
• Bachelor's degree
• Advanced Cybersecurity Certifications, including Security+, GSEC, or CISSP Certifications

NA

Company Overview:

​

Yampa Valley Bank (YVB) is a full-service commercial bank that has been providing Genuine Hometown Banking for over two decades. As the only locally owned bank in the Yampa Valley, we bring value to our banking relationships by providing local decisions, local ownership and local investment to our communities. YVB is proud to power our communities by enabling our customers to succeed.

​

Role Summary:

​

Yampa Valley Bank's Compliance & Information Security Manager will perform a key risk management role to help ensure that Bank initiatives and business processes comply with applicable Federal and State banking laws and regulations. This position has the resources and executive level commitment to establish and maintain compliance excellence.

​

Location: Steamboat Springs, CO or Craig, CO or Remote. Position will require regular travel to Steamboat Springs, approximately once per month.

​

Compensation: Annual Base Salary of $85,000, depending on experience. Eligible for annual discretionary bonus with a target opportunity of 10% of base salary.

​

Benefits include: Paid Time Off of 30+ days per year (Vacation, Sick, Holidays), Medical, Health Savings Account, Dental, Vision, Disability, Life Insurance, 401(k) with company match.

• Research federal and state banking laws and regulations and review YVB's policies and procedures to ensure that the Bank is in compliance with laws and regulations.
• Responsible for internal audits and compliance area monitoring/auditing and establishing a risk weighted annual risk assessment for both audit and compliance.
• Provide subject matter expertise by responding to inquiries from all YVB departments regarding the proper application of compliance laws, regulations, and related requirements.
• Manage YVB's audit functions with regard to timeliness, effectiveness of audit reports, findings and follow up.
• Provide regular and consistent reporting to Executive Management and the Audit Committee regarding the adequacy of management responses to audits and/or target dates for remedial action.
• Develop and maintain information security policies, standards, and guidelines.
• Oversee and maintain effective business continuity and disaster recovery policies and standards to align with program goals.
• Provide regular and consistent reporting on the current status of the information security program to Executive Management, the Enterprise Risk Management Committee (ERM), and the Board of Directors as part of the strategic enterprise risk management program.
• Build collaborative working relationships to understand core business activities and processes, as well as key risks, products, and transactions that pertain to the Bank's compliance framework and risk assessment activities.
• Develop, conduct, and assist with relevant training for Bank employees on compliance responsibilities, including the dissemination of information security policies, standards, and guidelines.

Required Qualifications:

​

• Bachelor's degree in accounting, finance, law, economics, or a related business discipline, or commensurate work experience.
• Minimum of five (5) years of work experience in banking regulatory compliance or similar work experience in risk management and abatement.
• Current certification, or ability to receive certification, as a CRCM (Certified Regulatory Compliance Manager) and/or CRCP (Certified Regulatory and Compliance Professional).

We are an Equal Opportunity Employer and qualified applicants or employees will receive consideration for employment without regard to race, color, religion, national origin, sex (including pregnancy), sexual orientation, gender identity, mental or physical disability, genetic information, protected veteran status, or any other category protected by applicable federal, state or local laws. YVB does not sponsor applicants for work visas. All applicants must be legally authorized to work in the US.

​

Please check your junk/spam mail for emails from our Recruitment team

Job Summary

​

The focus area for this Director will be leading the organization's ability to effectively respond to and recover from events that result in interruption of Point32Health's business operations. In this role, the Director Cyber & Information Security will be focused on leading a team responsible for:

​

• Developing and implementing a strategy and practices that will ensure that the organization is prepared for events that may result in extended interruption of technology systems, applications, or business operations.

• Setting requirements and providing education to business and technology stakeholders about their roles in supporting the organization's business continuity, disaster recovery, and incident/crisis management disciplines.

• Development, maintenance, and adoption of a single incident/crisis management framework across the organization - all hazard/threat types.

• Ensuring that the organization's business continuity and disaster recover procedures/playbooks remain up-to-date

• Leading tabletop and simulation exercises to help ensure preparedness and to proactively identify and address opportunities for improvement.

• Anticipate the impact of core systems, applications, facilities, and vendor relationships being unavailable and implement plans that will reduce the impact of those events.

​

The Director, Cyber & Information Security, will report into the Chief Information Security Officer (CISO) for Point32Health. The Director leads Cyber & Information Security managers and/or security leaders to oversee and help to ensure that core programs are effectively implemented. This role is integral in driving the organization’s Cyber & Information Security strategy and objectives. The Director, Cyber & Information Security is considered a leader within the IT Department and is expected to work collaboratively to identify, influence, and enhance areas of improvement across the organization.

​

Who We Are

​

Point32Health is a leading health and wellbeing organization, delivering an ever-better personalized health care experience to everyone in our communities. At Point32Health, we are building on the quality, nonprofit heritage of our founding organizations, Tufts Health Plan and Harvard Pilgrim Health Care, where we leverage our experience and expertise to help people find their version of healthier living through a broad range of health plans and tools that make navigating health and wellbeing easier.

​

We enjoy the important work we do every day in service to our members, partners, colleagues and communities.

• Manage a team of managers/senior leaders responsible for overseeing the core pillars of Cyber & Information Security
• Develop and implement policies, standards, and guidelines that continuously increase the organization’s Cyber & Information Security program maturity
• Communicate potential security concerns/exposures with recommended improvements
• Lead communication and collaboration efforts with the business and IT to ensure quality solutions are delivered
• Evangelize the objective to embed security behaviors and principles into the Point32Health culture through active engagement, education, awareness, and partnership
• Develop operational excellence in anticipation and response to evolving threats and opportunities to improve cyber and information security
• Identify business risk and communicate risk to appropriate leadership
• Collaborate with stakeholders to define and implement technical and non-technical controls designed to cyber risk objectives and legal / regulatory obligations.
• Maintain the risk repository to continually identity, prioritize, and mitigate cyber and information security related risk issues
• Participate in various forums and groups across Point32Health to understand the risk environment and to provide recommends that effectively incorporate security objectives while balancing the business impact of recommendations provided
• Facilitate adoption of leading security practices to remain in compliance with regulations and to support our continuous monitoring and improvement goals
• Maintain up-to-date knowledge of the cyber and information security industry, including awareness of new or revised security capabilities, improved security processes, threat scenarios, trends, etc.
• Identify/recommend tools, processes, software, and protocols to advance or replace current security practices, services, or technologies to meet strategic objectives.
• Other duties and projects as assigned.

EDUCATION, CERTIFICATION AND LICENSURE:

​

• Bachelor’s degree in Cyber Security, Computer Science, Risk Management, or related field preferred or equivalent experience

​

EXPERIENCE (minimum years required):

​

• 10+ years combined IT, cyber/information security, risk, audit, compliance, with increasing responsibility
• 5+ years in cybersecurity or field(s) related to the programs for which the role is responsible for
• 5+ years in a leadership role, preferably with at least 2 of those years overseeing other managers
• Experience in leading or sponsoring implementation of technical security solutions within large organizations
• Experience developing and implementing process-based security controls, processes, and capabilities
• Experience in engaging with and managing vendors responsible for implementing processes and/or IT solutions
• Experience creating and maintaining security requirements, guidelines, and procedure documents
• Extensive knowledge and experience in security and compliance frameworks such as NIST, ISO, etc

​

SKILL REQUIREMENTS:

​

• Ability to lead a team, including managers, through mentoring, coaching, and motivating - providing an opportunity to learn and grow at Point32Health
• Requires the ability to identify risk within complex, interrelated programs; ability to assess dynamic situations objectively; and to make recommendations or decisions that best align with the corporate strategic objectives
• Ability to communicate effectively across multiple levels of the organization including managing through cross-business area or business unit prioritization discussions
• Strong relationship building skills; Must be able to work collaboratively and cooperatively as a team member, fostering an atmosphere of trust and respect
• Ability to influence all levels of staff and senior management in the decision-making process
• Deep understanding of IT infrastructure, program portfolio management, application design, and secure software development lifecycle (SDLC) methodologies

• Commitment to Diversity, Equity & Inclusion

​

Point32Health is committed to making diversity, equity, and inclusion part of everything we do—from product design to the workforce driving that innovation. Our DEI strategy is deeply connected to our core values and will evolve as the changing nature of work shifts. Programming, events, and an inclusion infrastructure play a role in how we spread cultural awareness, train people leaders on engaging with their teams and provide parameters on how to recruit and retain talented and dynamic talent. We welcome all applicants and qualified individuals, who will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

• Scam alert: Point32Health has recently become aware of job posting scams where unauthorized individuals posing as Point32Health recruiters have placed job advertisements and reached out to potential candidates. These advertisements or individuals may ask the applicant to make a payment. Point32Health would never ask an applicant to make a payment related to a job application or job offer, or to pay for workplace equipment. If you have any concerns about the legitimacy of a job posting or recruiting contact, you may contact TA_operations@point32health.org

​

This job has been posted by Ignyte AI on behalf of Point32Health. Ignyte AI is committed to the fundamental principle of equal opportunity and equal treatment for every prospective and current employee. It is the policy of Ignyte AI not to discriminate based on race, color, national or ethnic origin, ancestry, age, religion, creed, disability, sex and gender, sexual orientation, gender identity and/or expression, military or veteran status, or any other characteristic protected under applicable federal, state or local law.

​

Req ID: R8365