Information technology Jobs in Orlando, FL

Vice President, Information Security Officer

Financial Freedom Happens Here and it starts with YOU.

At FAIRWINDS Credit Union, we're more than a workplace; we're a team on a mission. Join the credit union nationally endorsed by The Dave Ramsey Show, where every day is a step toward financial freedom - for our members and for you. Join a mission-driven financial organization and help protect what matters most!

We're seeking a dynamic, technically strong, forward-thinking VP Information Security Officer to lead our enterprise-wide Information Security Program and protect the systems, data, infrastructure, and member trust that power FAIRWINDS.

This role serves as the credit union's board-appointed Information Security Officer and is responsible for the governance, strategy, architecture, and continuous improvement of FAIRWINDS information security program. The ideal candidate will bring more than information security risk management experience; they will also bring the technical depth and leadership required to guide a modern defense-in-depth security environment across network security, endpoint protection, cloud security, data protection, identity, monitoring, incident response, and emerging cyber threats.

This leader will oversee and help shape the architecture, operation, and evolution of security capabilities across platforms such as enterprise firewalls, endpoint detection and response, cloud security, data protection, secure access, vulnerability management, SIEM/logging, incident response, and other critical defensive technologies. They must be able to partner deeply with IT infrastructure, operations, applications, vendors, audit, and risk teams while also communicating security strategy clearly to senior leadership and the Board.

If you are energized by meaningful work, thrive in a collaborative environment, and want to make a measurable impact in the financial industry, this role is for you.

Your Role in Our Mission

Information Security Program Leadership:

• Serve as the board-appointed Information Security Officer, stewarding FAIRWINDS enterprise Information Security Program.
• Update, maintain, and report on the Information Security Program annually to senior leadership and the Board.
• Ensure the Information Security Program supports regulatory expectations, operational resiliency, member trust, and FAIRWINDS strategic goals.
• Develop, maintain, and strengthen information security policies, standards, procedures, and control expectations.
• Monitor regulatory requirements, industry trends, emerging threats, and financial services security practices.

Security Architecture & Technical Leadership:

• Own and continuously improve the information security architecture for the credit union, across network, endpoint, cloud, identity, data, and application layers.
• Lead the strategy, design, evaluation, configuration oversight, and continuous improvement of FAIRWINDS' defense-in-depth security capabilities.
• Provide technical leadership across security infrastructure and platforms, including technologies such as Palo Alto, Splunk, CrowdStrike, Cloudflare, Varonis, Microsoft 365 security tooling, vulnerability management platforms, SIEM and logging, IDS/IPS, email and web security, data protection, and related security solutions.
• Bring hands-on technical depth, able to personally evaluate configurations, review queries and detection logic, validate vendor claims, and engage at the console level when needed, not just direct others from a distance.
• Partner with infrastructure, network, cloud, endpoint, application, and operations teams to ensure security controls are appropriately designed, integrated, monitored, and improved.
• Assess current security tools and capabilities for effectiveness, redundancy, gaps, automation opportunities, and scalability.
• Provide informed technical direction to vendors, managed service providers, and internal teams.
• Translate technical security risks into practical business decisions and executive-ready recommendations.

Cyber Risk, Controls & Compliance:

• Conduct and refine information security risk assessments, evaluating inherent risk, control effectiveness, and residual risk.
• Evaluate systems, processes, vendors, locations, and technology changes to identify opportunities for enhanced security controls.
• Oversee internal controls related to information security, including preventive, detective, and corrective controls.
• Ensure appropriate security requirements are incorporated into vendor due diligence, selection, implementation, and ongoing monitoring.
• Guide access governance, including system access authorization, review, and auditing processes.
• Collaborate with Internal Audit, Enterprise Risk Management, Compliance, Information Technology, and business leaders on control testing, remediation, and reporting.

Security Operations, Monitoring & Incident Response:

• Oversee and validate security monitoring, alerting, configurations, workflows, and escalation processes.
• Lead incident response efforts, including triage, investigation, documentation, case building, loss assessment, communication, root-cause analysis, and remediation.
• Strengthen cybercrime prevention capabilities and ensure adherence to laws, contracts, policies, and member protection obligations.
• Maintain readiness through tabletop exercises, control testing, scenario planning, and continuous improvement of incident response procedures.
• Advance threat detection, vulnerability management, logging, investigation, and response capabilities.

Innovation & Continuous Improvement:

• Stay ahead of emerging cybersecurity threats, technologies, and practices affecting financial institutions.
• Identify opportunities to improve security through automation, analytics, AI-enabled capabilities, improved tooling, and more effective workflows.
• Maintain a working point of view on how AI is reshaping both offense and defense and bring practical security applications back to FAIRWINDS as the landscape matures
• Help FAIRWINDS modernize security operations while maintaining strong governance, risk management, and regulatory discipline.
• Recommend practical enhancements that improve security posture, reduce operational friction, and scale as the organization grows.

Training, Awareness & Partnership:

• Develop and deliver engaging training programs for crewmembers, volunteers, and internal business units.
• Promote a strong culture of security awareness and shared accountability across the organization.
• Provide expert consultation, analysis, and reporting to senior management and business partners.
• Communicate complex technical and cyber risk issues in clear, practical language for non-technical audiences.

Team Leadership:

• Lead, coach, and develop the Information Security Analyst and future security team members.
• Set clear expectations, goals, and priorities for the information security function.
• Build strong working relationships across IT, Risk, Operations, Digital, Lending, Branches, and other business units.
• Model FAIRWINDS values and support a proactive, collaborative, member-focused security culture.

What Makes You a Great Fit

Education:

• Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Engineering, or a related technical field required.
• MBA, MS in Cybersecurity, or other advanced degree preferred.
• Equivalent combinations of education, technical experience, and leadership experience may be considered.

Experience:

• Minimum of 7 years of progressive experience in information security, cybersecurity, security engineering, security operations, infrastructure security, or information risk management.
• Minimum of 5 years of experience providing technical leadership over enterprise security architecture, security tools, security operations, or cyber defense capabilities.
• Financial institution, credit union, banking, fintech, or regulated industry experience strongly preferred.
• Demonstrated experience with defense-in-depth security architecture, including network security, endpoint protection, identity/access controls, vulnerability management, cloud security, logging/monitoring, and data protection.
• Proven ability to lead incident response, security investigations, risk assessments, and control improvement efforts.
• Experience managing vendors, security platforms, implementation projects, and cross-functional technical initiatives.
• Prior people leadership or team leadership experience preferred.

Certifications:

• One or more current industry-recognized certifications strongly preferred, such as CISSP, CISM, CCSP, OSCP, or equivalent.
• Technical certifications in networking, cloud, endpoint security, firewall platforms, or security operations are a plus.

Skills & Competencies:

• Strong technical understanding of enterprise IT architecture, networks, endpoints, cloud environments, identity, data protection, logging, monitoring, and security controls, deep enough to challenge designs and validate vendor claims.
• Ability to evaluate and guide the configuration, performance, and integration of security technologies, with the hands-on fluency to engage at the technical level when needed.
• Strong knowledge of financial institution regulatory requirements, including NCUA, FFIEC, GLBA, and related cyber risk guidance.
• Strong analytical, risk assessment, and problem-solving skills.