IT Security Analyst
WFH Flexible Battle Creek, MI
Job Type
Full-time
Description

  

This position is responsible for monitoring the security posture of the credit union by leveraging internal and external third-party security tools. Analyze security events or other anomalies to ensure remediation within established guidelines. Provide support, guidance and assistance to Omni IT, Internal Compliance and Digital departments within established service level agreements. Responsible for metric collection and internal reporting. Manages all internal or hosted security systems and vendors communication.  Responsible for accurately performing risk assessments of networks and systems both scheduled or ad hoc as required.  Participates and identifies security weaknesses using industry best practices and in accordance with regulatory bodies such as FFIEC. Evaluates new and existing security tools, software, and methods. Keeps management well informed of problems and area activities. Requires after hours support as conditions require.  In addition to best in class health benefits, we offer you an award winning workplace, competitive pay, 401k, education assistance plan, telemedicine service, and weekly pay days. Come work with us!  

Requirements

  

Essential Duties and Responsibilities:

1. Security Posture and Event Management 

a. Administers enterprise security infrastructure including, but not limited to: Two-factor authentication platforms, firewalls, and enterprise logging systems. 

b. Coordinates with third-party security partners for event correlation and remediation.

c. Maintains close relationships with IT to communicate and guide security event remediation or security findings requiring attention.

d. Maintains the availability, patching, and operational functionality of assigned security systems. 

e. Manages Information Security Policy and Program (ISPP) controls to ensure the most update content is included and validated.

f. Validates ISPP controls to ensure compliance with COBIT and NIST standards.

g. Builds internal security documentation and procedures, incident response templates and vulnerabilities monitoring and remediation criteria.

h. Evaluates new security tools, products, and solutions as required.  

i. Makes recommendations regarding purchase of IT security products. 

j. Tests security systems and ensures software and hardware performs appropriately and as expected.

2. Security Risk Assessment 

a. Identifies risks, threats, and vulnerabilities to network, physical, logical and all information systems including cloud provided.  

b. Works in concert with internal audit and compliance to adhere to critical dates and milestones outlined in the internal audit program.

c. Provides audit data to internal compliance and audit as directed within communicated timelines.

d. Makes recommendations to eliminate or minimize risk. 

e. Keeps accurate and complete records of security risk assessments. Submits them in a timely manner. 

f. Compiles incident response metrics for leadership. 

g. Completes and presents monthly security reports to Risk Management and/or Technology Security Committee as required. 

3. Communication and Business Relationship 

a. Provide outstanding service to Omni staff and present a positive attitude at all times.

b. Ensures the Credit Union’s professional reputation is maintained both internally and externally. 

c. Ensures the appropriate levels of security and confidentiality are consistently maintained. 

d. Acts as a representative of the Credit Union with business and professional organizations and external IT contacts. Promotes the Credit Union’s interests. 

4. Related duties as required or assigned 

a. Maintain up to date knowledge of FFIEC, NIST, COBIT and ITIL standards and requirements.

b. Maintain knowledge of technology platforms, networking, audit standards and cloud computing.

c. Ensures Department work areas are clean, secure, and well maintained. 

d. Completes special projects as assigned.

SUPERVISORY RESPONSIBILITIES:

None.

PERFORMANCE STANDARDS:

1. Proactively and consistently ensure Credit Union IT infrastructure is well secured against inappropriate access. 

2. Works well independently in an organized fashion managing objectives by priority and sensitivity 

3. Security events are thoroughly identified and remediated within establish service level agreements.  

4. Security risk assessments are completed according to schedule and all findings are accurate.  

5. Security products are being leveraged to their full potential or seeking additional knowledge or expertise with security partners or vendors 

6. Management is consistently informed of area concerns or activities.

QUALIFICATION REQUIREMENTS:

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

JOB KNOWLEDGE AND EXPERIENCE:

2-4 years’ experience working in information systems as system administrator or network

engineer.

2-4 years’ experience working with multiple operating systems and database 

variations.

1-4 years’ experience working with Microsoft products and directory services.

1-2 years’ experience working with industry standard security products and tools.

1-2 years’ experience building scripts to automate identification and remediation

of security events.

1-2 years’ experience working with security scanning tools such as Nessus or Qualys.

Experience working with an internal audit and compliance department. 

Experience with data collection and presentment to regulatory bodies as directed

Bachelor’s degree in Computer Science or equivalent work experience. 

CERTIFICATES, LICENSE, REGISTRATIONS:

Ability to be bonded.

CISA and/or CISSP or actively pursuing.

Through understanding of ITIL, COBIT and GLBA.

PHYSICAL DEMANDS:

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to sit, talk and hear. The employee is occasionally required to stand; walk; use hands to finger, handle, or feel objects, tools, or controls; reach with hands and arms; and stoop, kneel, crouch, or crawl. The employee must occasionally lift and/or move up to 20 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, and the ability to adjust focus.

WORK ENVIRONMENT:

All essential functions are performed in an office setting. Temperatures in the 

climate-controlled offices may fluctuate. Work area is sometimes noisy due to 

multiple member transactions. The noise level in the work environment is 

considered moderate. Due to the nature of our business, there is a risk of 

exposure to potentially hazardous conditions. 

MENTAL DEMANDS:

The mental characteristics necessary to competently perform this job include the frequent need to write or type, and the continuous need to be resourceful, persuasive and creative in all aspects of the loan documentation. In addition, the job holder requires imagination, concentration and negotiating skills to be successful in performing the job duties as well as a high aptitude for technology.

Salary Description
$70-90,000 depending upon qualifications