INFORMATION SECURITY ANALYST

KEMBA Financial Credit Union • Columbus, OH, US • 3m ago

Title: Information Security Analyst

Reports to: Director of Information Security

Supervises: None

Status: Exempt

Objective

This Information Security Analyst position administers the enforcement of corporate, regulatory, and risk management policies and assists in developing, implementing, and maintaining corporate information security standards, technologies, processes, and procedures. This position coordinates, administers, monitors, and maintains security infrastructure. This includes, but is not limited to, intrusion prevention systems, content filtering systems, event management systems, Antivirus, and vulnerability assessment programs.

Duties And Responsibilities

Assumes responsibility for the effective performance of a security analyst:
- Performs risk assessments and testing of data processing systems
- Researches attempts to compromise security protocol and recommend solutions.
- Installs security measures and operates software to protect systems and information infrastructure, including firewalls, IDS/IPS, Anti-virus and data encryption programs.
- Performs tests and uncover network and systems vulnerabilities; remediate detected vulnerabilities to maintain a high-security standard.
- Establishes system controls by developing framework for controls and levels of access, recommending improvements.
- Establishes computer and terminal physical security by developing standards, policies, and procedures; coordinating with facilities security; recommending improvements.
- Uses Information System Security tools to investigate or identify any incidents of possible security related issues or events; document accordingly and remediate.
- Monitors server logs, firewall logs, intrusion detection logs, and network traffic for unusual or suspicious activity, and makes remediation recommendations based on those findings.
- Ensures that all KEMBA network and system assets are up to date with all security related patches in accordance with Patch Management Procedure.
- Implements products and services as required to maintain compliance with existing, new, or changing regulations and auditing recommendations
- Maintains security systems and administers security policies to control access to systems.
- Designs, implements, and reports on security system activity, and performs end-user activity audits.
Assumes responsibility for performing tasks and responsibilities associated with vendor and associate management:
- Works with business units to establish that all policies and procedures have been completed for onboarding new vendors and offboarding existing vendors.
- Performs regular audits of existing vender partnerships to ensure they fall in line or better than KEMBA’s Security posture.
- Works with vendors to arrange for upgrades, updates, patches and replacements on software and hardware.
- Ensures authorized access by investigating improper access; revoking access; reporting violations; monitoring information requests by new programming; recommending improvements
Assumes responsibility for maintaining effective business relations with end users and outside vendors:
- o Identifies opportunities to improve user satisfaction.
- Provides information, answers questions, and tracks and resolves problems promptly.
- Maintains supportive relationships with users to ensure that their needs are met.
- Preserves professional relationships with outside vendors when requesting upgrades, replacement parts and assistance.
- Projects and maintains the Credit Union’s reputation.
Assumes responsibility for establishing and maintaining effective communication and coordination with Company personnel and with management:
- Maintains regular contact with all departments to obtain information and to correct errors in network security operations; distributes materials on updated projects.
- Assists area personnel with computer operations; Develops security awareness by providing orientation, educational programs, and on-going communication; keeps users informed of the status of their requests.
- Informs management of area activities; notifies supervisor of system malfunctions and operating problems that cannot be corrected by routine procedures.
- Attends meetings as required.
- Completes records, reports and logs in a timely manner.
Additional duties may include:
- Creates, tests, and implements network disaster recovery plans.
- Trains staff on network and information security procedures.
- Develops company-wide best practices for IT security.
- Updates job knowledge by participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
- Researches security enhancements and make recommendations to management.
- Stays current on IT security trends, security standards and news.
- Helps colleagues install security software and understand information security management.
Assists in other areas as directed by Credit Union management.

Required Qualifications

Strong verbal and written communication skills
Strong organizational skills and attention to detail
Knowledgeable in information security protection and programs, reporting, communication processes, and continuous improvement
Bachelor’s degree or equivalent, a minimum of 1-2 years of experience working in the networking and security field preferred, or 2-4 plus years in the information technology networking field with security responsibilities
Experience in developing and testing Disaster Recovery Plans
Experience working with 3rd party providers of security services
Knowledge of new and/or innovative initiatives that have improved efficiency, quality, security, and service levels within the technology arena
Strong analytical skills and demonstrated ability to systematically gather information, sort through complex issues, address root causes and make timely and well-thought-out decisions.
Ability to handle multiple tasks simultaneously
Professional demeanor
Ability to work well independently or as part of a team
Ability to work in a fast-paced environment

Desired Qualifications

A current security certification (within the past 14 months)

Physical Demands

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of the job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of the job, the employee is regularly required to sit; use hands to manipulate, handle, feel, and talk or hear. The employee is frequently required to reach with hands and arms. The employee is occasionally required to stand and walk. The employee must occasionally lift and/or move up to 15 pounds. Specific vision abilities required by this job include close vision, distance vision and ability to adjust focus.