As the nation's largest community credit union, we begin every day focused on delivering superior financial products and services for our 1.3 million members and more than $30 billion in managed assets. Our work has an economic impact as we support our members' financial goals. We are unapologetic about being devoted to our members and the communities we serve. Our business is guided by our people helping people philosophy – which includes our team members.

BECU has been in business for more than 85 years, driven by unwavering core values and a dedication to improving the communities we serve. While we have a rich history, the future of our company, accelerated by business and technology transformation, is even brighter. There's never been a better time to work for BECU.

To learn more visit becu.org/careers.

**PAY RANGE**

The Target Pay Range for this position is $147,800-$180,600 annually. The full Pay Range is $114,700-$213,700 annually. At BECU, compensation decisions are determined using factors such as relevant job-related skills, experience, and education or training. Should an offer for employment be made, we will consider individual qualifications. In addition to your salary, compensation incentives are available for the hired applicant. Incentives are performance based and targets vary by role.

**BENEFITS**

Employees and their eligible family members have access to a wide array of employee benefits, such as medical, dental, vision and life insurance coverage. Employees have access to disability and AD&D insurance. We also offer health care and dependent care flexible spending accounts, as well as health savings accounts, to eligible employees. Employees are able to enroll in our company’s 401k plan and employer-funded retirement plan. Newly hired employees accrue 6.16 hours of paid time off (PTO) on a per pay period basis based on hours worked (up to a maximum of 160 PTO hours per year) and receive ten paid holidays throughout the calendar year. Additional details regarding BECU Benefits can be found here .

**IMPACT YOU’LL MAKE:**

The Senior Cybersecurity Governance, Risk and Compliance (GRC) Manager will play a pivotal role in overseeing cybersecurity-related governance, risk, and compliance across the enterprise. Your contributions will be essential in ensuring that cybersecurity risk is effectively managed and incorporated into applicable Enterprise Risk Management programs, making a significant, positive change in BECU’s journey, where your contributions are valued, and your growth is continually fostered.

**WHAT YOU’LL DO:**

+ **Drive and Evolve Cybersecurity Governance, Risk, and Compliance Program:** You will work closely with Cybersecurity leadership to develop, drive, and continuously improve Cybersecurity Governance, Risk, and Compliance program, processes, and associated disciplines, ensuring that cybersecurity initiatives align with business objectives and industry best practices.

+ **Interpret Legal and Regulatory Requirements:** You will take the lead, under the direction of Leadership, in coordinating the interpretation of legal and regulatory requirements with respect to Cybersecurity Governance, Risk and Compliance, working closely with Legal and Outside Counsel to ensure compliance and risk mitigation.

+ **Liaison with Compliance and Regulators:** As the main point of contact, you will act as a liaison with Compliance, State and Federal Regulators, including the NCUA and Washington State DFI, fostering strong relationships and ensuring effective communication and collaboration.

+ **Provide Expert Oversight and Challenge:** Your role will involve providing expert oversight and credible challenge to ensure cyber risks are identified, appropriately owned, and visible within risk management activities, laying the foundation for a robust risk management framework.

+ **Lead and Develop Risk Management Practices:** You will take the lead in developing risk management practices for the Enterprise, playing a crucial role in designing system and business controls, providing visibility to risk ownership and status, and identifying and prioritizing risks to ensure proactive risk management.

+ **Interpret Information Security Data:** Your responsibilities will include interpreting information security data and processes for potential control or framework compliance issues, including PCI, NIST, and FFIEC guidance and frameworks, ensuring that cybersecurity measures align with industry standards and guidelines.

+ **Support and Ensure Cybersecurity-related Enterprise Risk Management Process:** You will be responsible for supporting cyber risk-related Enterprise Risk Management processes, ensuring that risk management operations and reporting activities are seamlessly integrated to support effective risk treatment activities and decision-making.

+ **Engage BECU Staff and Management around Security Training and Awareness:** Your role will involve supporting engagement with BECU Staff and Management around Security Training and Awareness, including contributing to the development of the Security Awareness program content, coverage, and reach, fostering a culture of cybersecurity awareness across the organization.

+ **Develop and Maintain Cybersecurity Key Performance and Risk Metrics:** You will be responsible for developing and maintaining Cybersecurity key performance and risk metrics, as well as conducting associated reporting activities necessary to communicate cyber risk and performance, contributing to a data-driven approach to cybersecurity management.

+ **Support BECU Stakeholders and Requestors:** In this role, you will support engagement with BECU stakeholders and requestors regarding interpretation and application of Cybersecurity Governance processes, ensuring a clear understanding of standards, guidelines, and committee structure requirements and expectations across the organization.

+ **Adapt BECU Policies, Standards, and Guidelines:** Your responsibilities will include supporting the adaptation of BECU Policies, Standards, and Guidelines in response to a changing threat landscape, organizational changes, and evolution of technology, ensuring that cybersecurity measures are continuously aligned with the dynamic cybersecurity landscape.

+ **Perform Other Duties as Assigned:** You will actively contribute to the evolving landscape of the organization, seizing opportunities to make a significant, positive change in BECU’s journey, where your contributions are valued, and your growth is continually fostered.

**WHAT YOU’LL GAIN:**

+ Opportunity to contribute to the growth and success of BECU

+ Chance to elevate your career and skills while making a significant impact

+ Collaborative and innovative team environment

+ Chance to contribute to the robust technological landscape of BECU

**QUALIFICATIONS:**

**Minimum Qualifications:**

+ Bachelor’s degree in information security, Computer Science or related field, or equivalent work or education-related experience required. Advanced degree preferred.

+ One of the following certifications, or equivalent certifications, preferred: CISSP, CCSP, CISM, GIAC, CISA, CRISC.

+ Minimum seven years of cybersecurity experience or related experience in IT, Compliance, or Audit required.

+ Experience leveraging established GRC frameworks, such as SOC, PCI, NIST, and FFIEC in support of Cyber Governance buildout required.

+ Working knowledge of governance, risk, and compliance (GRC) tools and automation of risk evaluation, integration with enterprise risk functions, and reporting required.

**Desired Qualifications:**

+ Understanding of information and security systems to identify risk exposure, including third party-related cyber risk.

+ Ability to work independently, and as a team member, while using discretion in decision making and sound judgment in problem-solving.

+ Ability to set goals and objectives pertaining to training needs and lesson plans, effectively present programs, and provide training materials to individuals and groups.

+ Working knowledge of the role of firewalls, vulnerability management, penetration testing, server and desktop configuration and controls, and encryption.

+ Demonstrated ability to share knowledge and assist others in understanding technical and business topics.

**JOIN THE JOURNEY:**

Ready to make an indelible impact? Eager to be a part of a collaborative and innovative team where your ideas and contributions don’t just fill a role, but fuel the growth and success of BECU? Embrace the opportunity to grow with us. Apply now, bring your expertise to the table, and let’s achieve excellence together at BECU. Your journey of influence, innovation, and impactful contribution starts now. #BECU #YourGrowth #BECUJourney

**EEO Statement:**

BECU is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, veteran status, disability, sexual orientation, gender identity, or any other protected status.