Security Administrator

The Security Administrator is responsible for executing the Credit Union’s Information Security Program and adherence to related procedures that equal or exceed the information security standards prescribed by National Credit Union Administration (“NCUA”) Rules and Regulations Part 748 and Part 749, and Federal Financial Institutions Examination Council (“FFIEC”) guidance. The Security Administrator will participate in efforts to implement, promote, and maintain high-level security standards that support the organization.

This individual will be responsible for configuring and maintaining the security infrastructure, analyzing, and resolving security vulnerabilities, responding to security incidents, and will serve as the backup to the Credit Union’s Information Security Officer.

Duties and responsibilities include:

• Participate and contribute to activities necessary to maintain an effective and efficient Information Security Program, designed to mitigate risk and support the organization’s business goals and objectives.
• Develop, configure, maintain, and monitor a security infrastructure for both on-premises, vendor hosted applications, and public hosted environments (Azure, Amazon Web Services, and Google) while supporting the organization’s disaster recovery and business resumption plans.
• Develop, implement, maintain, and oversee the enforcement of Credit Union policies, and procedures for system security administration and user system access based on industry-standard best practices.
• Develop, implement, maintain, and oversee a Vulnerability Management Program that identifies, assesses, prioritizes, and coordinates remediation of security vulnerabilities across enterprise systems, applications, and networks.
• Deploy, manage, and maintain security systems on premises and in the cloud, and their corresponding or associated software, including intrusion detection systems, application whitelisting, and anti-virus software.
• Develop, implement, maintain, and oversee a Security Awareness Training Program that educates employees on cybersecurity risks, safe handling of member information, phishing prevention, password security, and compliance expectations to help protect the credit union’s systems, data, and members.
• Monitor and review security alerts, examining network traffic for unusual or suspicious activities. Interpret activity and investigate any noted irregularities and make recommendations for resolution.
• Participate and provide guidance for security reviews related to vendor management onboarding processes, vendor management ongoing security reviews, and annual risk assessments.
• Participate and execute security, vulnerability, and penetration assessments in partnership with regulators and external security firms, as well as performing necessary internal security evaluations and remediation activities.
• Collaborate with stakeholders to assess and analyze business unit security operations ensuring governance compliance and making security recommendations that best support the organization’s strategic objectives.
• Recommend, schedule, and perform security improvements, upgrades, and assess the need for any security reconfigurations and execute them if required. Conduct research on emerging products, services, protocols, and standards in support of strategic security enhancement and development efforts.
• Keep abreast of current information security technologies, industry developments; maintain certifications and attend professional courses and seminars as required to support the organization.
• Participate as a member of the Incident Response and Disaster Recovery teams, participating as a key team member investigating and remediating information security incidents.
• Performs other duties and responsibilities as assigned.

No requirement.

Display excellent written and verbal communication skills when interacting with all personnel, members, auditors, and examiners. Maintain professional composure, objectivity and fairness when dealing with conflicts and sensitive matters. Display attention to detail, ability to multi-task and…