• Information Security Architect

    Category Information Technology
    Job Locations US-TN-Tullahoma
    Job ID
    2018-1531
    Type
    Active - Full Time Salary
  • Overview

    Information Security (InfoSec) professional with direct responsibility for securing the information systems of the credit union by developing and implementing a cohesive strategy to minimize internal and external security risks and to mitigate threats.  The effective strategy and execution will be carried out through the following: detailed and thorough information security requirements; planning, implementing, and continuous testing of internal and external security systems; documenting information security standards, policies, and procedures; staying apprised of current and developing security threats facing the credit union; and effective reporting and recommendations to senior executives regarding the security posture of the credit union and appropriate actions to prevent security incidents.

    Responsibilities

    • Determine information security requirements by evaluating business strategies and requirements, researching information security standards; conducting system security and vulnerability analyses and risk assessments, assessing industry architectures/platforms and relative security benefits, and identifying architecture/platform integration issues that prevent the strongest possible security posture.

     

    • In collaboration with Information Technology (IT), design and implement effective security systems by evaluating network and security technologies, developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, servers, operating systems, applications, vendor-provided systems, and any related security and network devices.

     

    • In collaboration with Information Technology (IT), implement security systems by specifying and recommending intrusion detection methodologies and equipment, directing equipment and software installation and calibration, preparing preventive and reactive incident response processes and escalations, creating, transmitting, and maintaining all encryption keys, providing technical support of InfoSec technologies as needed, and completing documentation.

     

    • Establish real-time, 24x7x365 information security systems verification and validation by developing and implementing test scripts and monitoring capabilities that ensure proper functionality and effectiveness of security systems. Act as primary point of contact to ensure that all managed security service provider (MSSP) scanning tools are properly configured, adequately identifying technology assets, and alerts are properly acted upon to mitigate identified threats.

     

    • Maintain security by monitoring and ensuring compliance to standards, policies, and procedures, conducting incident response analyses; developing and conducting training programs, and recommending architecture changes where necessary to increase the security posture of the credit union.

     

    • Ensure that all security systems are current and capable of protecting against the latest threats by keeping all systems on the latest versions, identifying information security gaps in tools or processes, and recommending necessary enhancements. Collaborate with IT to implement enhancements or upgrades in a timely manner, performing technical support where needed.

     

    • Prepare effective system security reports and recommendations to senior executives by collecting, analyzing, and summarizing data and trends. Deliver appropriate recommendations in order to prevent information security incidents.  

     

    • Maintain skills and InfoSec expertise by tracking and understanding emerging security practices and standards, participating in educational opportunities, reading professional publications, maintaining personal networks, and participating in professional organizations.

     

    • Serve as the primary liaison for audit activities related to all areas concerning information security. Ensure that the credit union accomplishes all goals and improvements related to audit findings and external security vulnerability scans/services.   Responsible for ensuring the credit union remains at or higher than its targeted security posture, and that the organization remains audit-ready at any time.

     

    Marginal Functions

     

    • Perform other duties as required and/or assigned.

    Qualifications

    • Four year college degree in Information Systems, Business, Computer Science or equivalent work experience.

     

    • Eight to Ten years of related work experience in IT and Information Security.

     

     

    • Designation of a Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) required.

     

    • Willingness to update skills on a regular basis to keep abreast of rapidly changing technology.

     

    • A high level of problem solving skills and the ability to communicate in a clear, concise manner.

     

    • A high degree of poise and tact to represent the credit union positively when dealing with outside contacts and employees.

     

    • Must have experience in all areas of local and wide area networks management and administration including system configuration, setup, troubleshooting, implementation, and user support; experience installing and supporting Microsoft server technologies; experience in supporting telecommunications equipment.
    • Must have a working knowledge of local and wide area networks (LAN/WAN), Internet, e-mail systems, telecommunications and data communications; standard operating systems, software packages, and software utilities; proper records maintenance and storage for local and distributed environments.
    • Must have the skill and ability to maintain security within data networks and servers; assist with the day-to-day operation of securing networks and servers; implement LAN/WAN security protocols.
    • Must be able to communicate effectively in both oral and written form and explain technical concepts in non-technical terms to staff and prepare clear and concise written communications.
    • Must have the skill and ability to read, interpret and apply technical data processing manuals and related documents; keep current by reading, interpreting, and applying information on technological changes and updates; and research technical manuals and guides to respond to user questions;
    • Must be able to manage multiple projects/tasks concurrently; and prioritize requests and complete assignments within an estimated timeframe; and organize, schedule, and coordinate a variety of activities and projects.
    • Must have the ability to learn new software and hardware packages and adapt to changes in technology.
    • Must be self-starter and be able to use own judgment to undertake activities with minimal supervision. Must be work independently and as a team member.

     

     

     

    • Must be able to lift and carry boxes containing computer components, printer paper, etc.

     

    • Regular and reliable attendance is required.

     

    • Possession of a valid driver's license to operate a motor vehicle.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed