Security Administrator

Northwest FCU
This individual is responsible for overseeing security procedures that ensure the confidentiality, integrity, and availability of information systems technology.

JOB OVERVIEW

The Information System Security Administrator is a full-time position and reports to the Vice President of IT Security. The Security Administrator (SecAdmin1) is responsible for helping to maintain an enterprise wide information security program to assure information assets are appropriately protected.  The SecAdmin1 must be knowledgeable of Information Security best practices and regulatory and compliance requirements that impact security for the Credit Union.   The SecAdmin1 must have a good knowledge of how information security systems function and be involved with the support of the security technology deployed throughout the enterprise.  This individual is responsible for overseeing security procedures that ensure the confidentiality, integrity, and availability of information systems technology.

DUTIES & RESPONSIBILITIES

  • Be knowledgeable of the overall Security Program, and make suggestions for improvements as needed
  • Be knowledgeable of a broad range of Information Security standards and best practices across the industry
  • Lead the test and evaluation of existing IT Security controls, to assure compliance with policies.
  • Administer a broad range of security applications and systems (e.g. perform daily and ad-hoc duties on such systems as patch management, endpoint protection, disk encryption, e-mail gateway, web gateway, AlienVault SIEM, and Multi-Factor Authentication).
  • Assist in developing, and assuring compliance with, policies for data security, management, monitoring, and audit to assure information security and reporting.
  • Assist in developing, and assuring compliance with, audit procedures and work with information security and development teams to assure security events are captured and appropriate actions taken to secure the environment.
  • Understand existing IT Security controls, and periodically assist in testing and evaluation to assure compliance with policies.
  • Help to gather business relevant metrics to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation and increase the maturity of the security program.
  • Prepare reports on a quarterly basis to executive management on the effectiveness of the Information Security Program, including policy violations, security risks, progress of all security-related remedial actions and metrics.
  • Assist with research and development of new security techniques, tool deployments, and methods to assess risk across the credit union.
  • Actively seek to participate in cross-Credit Union working groups and projects while continuing to work across the IT department, coordinating and leveraging resources when needed
  • Understand the elements of vendor management and vendor evaluation
  • Understand and be knowledgeable of Risks and Controls that affect IT
  • Protect the confidentiality and integrity of financial sensitive information and maintain the technical mechanisms of legitimate access and release of the data to meet the requirements of the Gramm-Leach Bliley Act (GLBA).
  • Adhere to Bank Secrecy Act (BSA) regulations and all related Credit Union policies and procedures.
  • Performs other related duties as assigned.

REQUIREMENTS

  • Bachelor's degree in CompSci, Information Systems or other related field, or commensurate experience
  • 5+ years of experience with Information Systems Administration and good understanding of Financial Services systems is preferred
  • Security+, CEH preferred
  • Understanding of security applications and systems such as endpoint protection, disk encryption, e-mail gateway, web gateway, firewalls, and forward proxies
  • Ability to work both independently and within a team environment, to build good working relationships and effectively manage multiple tasks
  • Possess excellent customer service and communication skills, and strong analytic and problem solving skills.
  • The ability to assist in authoring and reviewing security policy, standards, and procedures.
  • Capable of applying common sense understanding to carry out instructions furnished in written, oral or diagram form, dealing with problems involving several concrete variables in standardized situations, and comprehending and documenting a complex legacy application.

WORK ENVIRONMENT

This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, and photocopiers. This role also requires the ability to stand/sit for extended periods of time.