Reports to: Information Security Manager
Functions Supervised: None.
Primary Functions: Information security analysts plan and carry out security measures to protect the credit union's computer networks and systems. Primary functions in this position cover a broad range of tasks, including the day-to-day administration of security information and event management (SIEM), and may include significant responsibilities for the security administration of a variety of IT systems across the enterprise. Additionally, as legal and regulatory compliance drivers continue to grow, many of the security administrator's tasks may also support audit functions.
The individual in this position will interact closely with product vendors and service providers, personnel from various IM departments, and with business departments. In-depth knowledge of Alaska USA's operating systems and security applications, as well as a working knowledge of basic network protocols and tools, will also be required.
Duties and Responsibilities:
1. Information Security Analyst II duties and responsibilities.
2. Provide direction, develop standards, and initiate processes related to identity and access management.
3. Manage the implementation and development process for security solutions.
4. Manage the Data Loss Prevention (DLP) Program, coordinate the remediation efforts, generate reports and provide metrics on the effectiveness of the DLP program.
5. Monitor system logs, SIEM tools, and network traffic for unusual or suspicious activity. Interpret such activity and make recommendations for resolution.
6. Research threats and vulnerabilities and, where appropriate, take action to mitigate threats and remediate vulnerabilities.
7. Review and assess the results of penetration tests and vulnerability assessments on information systems and infrastructure, and mitigate the findings.
8. Perform threat and vulnerability assessments, in some cases followed by appropriate remedial action, to ensure systems are protected from known and potential threats, and free from known vulnerabilities.
9. Assist and train junior team members in the use of security tools, the preparation of security reports, and the resolution of security issues.
10. Research, recommend, evaluate and implement information security solutions, which identify and/or protect against potential threats, and respond to security violations.
11. Conduct audits and reviews of endpoint, network, and system security controls, and manage remediation efforts.
12. Conduct security reviews of the network security architecture to identify accesses and assess the risk to these changes.
13. Assist in the management of firewalls, intrusion detection systems, switches and routers, which will include researching, designing, formulating, and documenting firewall rules.
14. Report unresolved network security exposures, misuse of resources, or noncompliance situations using defined escalation processes.
15. Develop and maintain documentation for security systems and procedures.
16. Coordinate the Monitoring and Response Program, identify new threats, develop and tune rules to monitor, generate reports, and provide metrics for the program.
17. Coordinate incident response activities, gather evidence, conduct forensic analysis on incidents, evaluate security controls, and make recommendations to improve them.
18. Perform other duties as assigned.
Education: Bachelor's degree in Computer Science, Management Information Systems or related technical field.
Creditable Experience in Lieu of Education: Minimum of six years of Information Security experience. Equivalent technical training and/or IT certifications required.
Experience/Skills: One of the following industry security certifications is required: Certified Information Systems Auditor, Certified Information Systems Security Professional, Certified Identity and Access Management, any Level 4 GIAC Certification or other advanced level certification. Six years demonstrable experience managing and implementing enterprise systems/networks. Six years direct experience in an Information Security role. Excellent verbal and written communication, organizational, and interpersonal skills required. Strong time and project management skills required. Experience and knowledge with information security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management. Technical proficiency with security-related systems and applications, especially Firewalls, IDS/IPS, Vulnerability Assessment tools, Endpoint solutions, Proxy servers, Security Incident and Event Management Systems, Data Loss Prevention, Active Directory, Identity and Access Management and Permissions Management desired. Demonstrated ability to successfully manage and coordinate multiple time-sensitive activities. Strong analytical and problem-solving skills to enable effective security incident and problem resolution. Proven ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure situations simultaneously. Ability to work well under minimal supervision. Strong written and verbal communication skills. Experience in developing, documenting and maintaining security procedures.
Tenure: Assignment to the Information Security Analyst I category 10, Information Security Analyst II category 09, Information Security Analyst III category 08 or Senior Information Security Analyst category 07 will be determined by the candidate’s education or experience. Advancement requires management recommendation and will be based on the candidate’s certifications and/or performance.