Responsible for conducting periodic audits SAFE’s information systems and networks to ensure compliance with established security policies and application standards. Monitors all internet activity on a daily basis to ensure enforcement of the IT security policy. Provides day-to-day support, installation, and maintenance of security infrastructure components, such as server and computer anti-virus, email filters, web content filters, backup, firewalls, intrusion detection/prevention systems, patch management, data leakage, and access lists. Assists in the development of Information Technology policies and Information Technology security awareness programs by creating security-related articles for the credit union newsletters and provides recommendations on current or potential security threats to the credit union’s computing environment.
ESSENTIAL FUNCTIONS AND BASIC DUTIES
- Perform daily auditing and monitoring of all security logs, including internet usage, for unauthorized transactions and intrusions.
- Responsible for carrying out SAFE’s Patch Management program to ensure latest security patches are installed; identify material risks.
- Monitor system and network security, take corrective measures to ensure zero loss of data, and make recommendations for purchases and upgrades.
- Respond to security issues, troubleshoot, interact with vendors, open trouble tickets, and tracks and resolves trouble tickets assigned to the Security Team.
- Identifies any foreseeable information security risks to comply with privacy and information security policies and procedures.
- Conduct periodic vulnerability and security risk assessments of the assets of the company, open trouble tickets and track issues through resolution.
- Assists in development of information security policies and standards as needed to maintain the security of the Credit Union’s computing environment.
- Work with other credit union teams and vendors regarding security-related functions such as business continuity and privacy practice implementation.
- Actively promote system security awareness programs within the credit union.
- Participate in IT projects to ensure that new applications and procedures will comply with established security policies and standards.
- Audit system access requests to ensure compliance with established security policies and application standards.
- Evaluate and recommend solutions to current or potential security threats as they relate to the credit union’s computing environment.
- Ensure operational procedures are up-to-date and followed.
- Document procedures and incorporate them into the department’s Standards and Procedures Manual.
- Ensure compliance with the credit union’s security policies, procedures, and standards.
- Maintain awareness of new technologies.
- Assist internal and external auditors as required.
- Complete other duties as assigned.
Fifth year college or university program certificate; or three to five years related experience and/or training; or equivalent combination of education and experience.
- Microsoft Certified Systems Engineer (MCSE) certification.
- Cisco Certified Network Associate (CCNA) certification.
- Certified Information Systems Security Professional (CISSP) certification.
Sound understanding of network operating systems, network equipment, and networking protocols. Working knowledge of Windows XP/Vista/Win 7/Win 2000/2003/2008; Linux, HP Unix, SQL, and Oracle; endpoint security tools (Symantec, McAfee, Trend Micro, etc.); SIEM, Data Leakage, and vulnerability assessment technologies. Knowledge and experience with various network protocols, firewalls, penetration testing tools, remote access, network operating systems and vulnerabilities, PC operating systems and vulnerabilities, and network management tools.
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Strong interpersonal analytical, problem-solving, and written/verbal communication skills.
WORK ENVIRONMENT/PHYSICAL DEMANDS SUMMARY
- Ability to read, analyzes, and interprets general business periodicals, professional journals, technical procedures, or governmental regulations.
- Ability to write reports, business correspondence, and procedure manuals.
- Ability to effectively present information and respond to questions from groups of managers, clients, members, and the general public.
MATHEMATICAL SKILLS AND REASONING ABILITY
- Ability to work with mathematical concepts such as probability and statistical inference, and fundamentals of plane and solid geometry and trigonometry.
- Ability to apply concepts such as fractions, percentages, ratios, and proportions to practical situations.
- Ability to apply common sense understanding to carry out instructions furnished in written, oral, or diagram form.
- Ability to deal with problems involving several concrete variables in standardized situations.
PHYSICAL DEMANDS AND WORK ENVIRONMENT
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.
- While performing the duties of this job, the employee is regularly required to sit and talk or hear, and use hands to finger, handle, or feel objects, tools, or controls.
- The employee is occasionally required to stand; walk; reach with hands and arms; and stoop, kneel, crouch, or crawl.
- The employee must occasionally lift and/or move up to 10 pounds.
- Specific vision abilities required by this job include close vision.
- The noise level in the work environment is usually moderate.
INTENT AND FUNCTION OF JOB DESCRIPTIONS
This is not necessarily an all-inclusive list of job-related responsibilities, duties, skills, efforts, requirements or working conditions. All descriptions have been reviewed to ensure that only essential functions and basic duties have been included. Peripheral tasks, only incidentally related to each position, have been excluded. Requirements, skills, and abilities included have been determined to be the minimal standards required to successfully perform the positions. While this is intended to be an accurate reflection of the current job, management reserves the right to revise the job or to require that other or different tasks be performed as assigned.
In accordance with the Americans with Disabilities Act, it is possible that requirements may be modified to reasonably accommodate disabled individuals. However, no accommodations will be made which may pose serious health or safety risks to the employee or others or which impose undue hardships on the organization.
Job descriptions are not intended as and do not create employment contracts. The organization maintains its status as an at-will employer. Employees can be terminated for any reason not prohibited by law.