Information Security Specialist

Description

Employment Type: Full-Time, Hybrid #LI-HYBRID

This Information Security Specialist position starts at $66,365.06 annually with an annual award opportunity based off individual and credit union performance. We also offer the following benefits for all employees: 401k, Paid Holidays, Paid Time Off, Paid Volunteer Hours, and an Advia Sponsored Wellness Program.

What you should know about the role

Information Security Specialist implements, tests, maintains, monitors and reports on the organization's Information Security and IT Compliance to protect the credit union's assets and maintain regulatory compliance of the information technology areas. They partner with the IT, Audit, and Risk Management departments to ensure compliance and robust application of security technologies, strategies, and policies. They assist with the implementation of business systems to ensure high security standards. They drive results toward strategic business plans. This is accomplished by providing outstanding service to both internal and external members as defined by living and demonstrating the core values of the credit union; Act with Integrity, Drive Progress, Build & Strengthen Relationships and Keep People at the Core.

• The Information Security Specialist implements, tests, maintains, monitors and reports on the organization's information security in order to protect the credit union's assets and prevent unauthorized access to credit union systems. This includes implementing strategies which mitigate risk to IT systems from internal and external exposures.
• Work closely with vendors, fellow employees, and management to provide timely statuses on network security, project implementations and aid resolutions.
• Utilize the vulnerability management system to identify and resolve hardware and software system risks. Utilize computer investigative techniques and forensic methods to identify operating or potential vulnerabilities. Conduct penetration testing and audits to ensure adequate protection of the organization's assets.
• Conduct regular security monitoring and reporting of systems to ensure adequate security defenses, systems and settings are in place to protect against intrusion, theft, destruction or misuse of credit union information.
• Aid the business and technology teams to cover infrastructure security, disaster recovery, management of data, network architecture and design, user access management, and management of third parties. Monitor regulations and trends that affect financial institutions and establish effective restrictions to cybercrime. Provide ad hoc aid on special Information Security hot topics for the business.
• Provide assistance to IT Audits. Assist management in preparation for audits and assisting with remediation on established timelines. Assist with coordination of information security efforts with the Internal Audit and Risk Management departments.
• To maintain IT Compliance and Information Security standards in adherence with federal, state, information security and risk management policies, standards and guidelines. Maintain IT Security policies, procedures, manuals and guidelines ensuring they are updated, compliant. Complete forms and documentations that aids the policies and procedures for compliance, security, and maintenance of IT systems. Maintain the necessary documentation for the organization to ensure secure operations.
• Strictly adhere to and enforce system security policies and follow all company standards. Must comply with applicable laws and regulations, including but not limited to, the Bank Secrecy Act, the Patriot Act, and the office of Foreign Assets Control, in addition to all company policies.

• Strong understanding of the function of IT infrastructure technologies including OS, Data Storage, Servers, Networks, Telephony, Web, Cloud, Technical Architecture and Performance Optimization techniques
• Strong understanding of IT Security strategies, including incident response, attacker methodologies, vulnerability management, security information and event monitoring, system hardening, encryption technologies, and endpoint security management.
• Ability to analyze and understand how various IT equipment and software programs interrelate and interface with IT security systems, and the ability to identify and solve IT security issues.
• A high level of interpersonal and verbal communication skills necessary to relate to other people at their systems knowledge level.
• Ability to organize and prioritize work without direction from supervisor in situations where dramatic changes frequently occur. Required to operate with great latitude with independent judgment and initiative.
• Ability to manage multiple projects and support multiple support requests.
• Ability to effectively interact and direct the efforts of various IT vendors and suppliers.
• Ability to analyze complex situations and problems and do the necessary research using multiple sources of information to arrive at innovative solutions.
• Ability to work after hours on occasion to maintain or repair technical systems with and without short notice.