The Cybersecurity Specialist will provide oversight to ensure our network, hardware, software and related components are protected against cyber-attacks as well as internal threats. This individual will be responsible for providing specific security reports in various areas and aspects of the security posture on a regular basis. This position will be a primary contact with the credit union’s Security Service Providers, and work closely with the Systems, Core, and Network teams to ensure the appropriate security measure are in place. This position will have input on the development of the overall security strategy and policies.
The Cybersecurity Specialist is expected to interface with peers in within IT as well as with the leaders of the business units to solicit their involvement in achieving higher levels of enterprise security through information sharing and co-operation. Candidates should have strong IT skills and a deep understanding of cyber-security threats. Specifically, this position will have the following duties and responsibilities:
- Assist with the enforcement of policies, procedures, and associated plans for system security administration and user system access based on industry-standard best practices;
- Provide educational resources and training related to the cybersecurity landscape to peers and business leaders;
- Oversee the operations of the enterprise’s security solutions;
- Providing the AVP with recommendations on security modifications, updates or new solutions and lead security related projects and provide critical inputs on significant organizational initiatives;
- Research best practices and which ones will work best with the credit union’s infrastructure to provide the best security company-wide;
- Work with the System Administration team to help ensure servers vulnerabilities are identified and mitigated;
- Monitor all of the credit union’s security systems to quickly identify and research any suspicious or known malicious activity;
- Research all tickets and events reported by the security service providers, closing the tickets and events in an expeditious manner;
- Identify, as best possible, cyber attackers so the appropriate defensive measures can be added or updated;
- Work with all of the credit union’s security partners to research events and mitigate threats as they are identified or occur;
- When necessary, draft formal reports for review by the SVP--ITO for submission to authorities after an incident;
- Lead in identifying, prioritizing, and coordinating the protection of critical security services, architecture, supporting infrastructure and cloud resources.
- Perform system administration or guidance on specialized cyber defense applications and systems utilizing best practice hardening techniques to protect the organization’s digital ecosystem.
- Provide guidance and coordinate with Cybersecurity team to manage and administer the updating of rules and signatures; including but not limited to IDS/IPS, Firewalls, SIEM, EDR, PKI, web, related operating systems and supporting software.
- Read, interpret, write, modify, and execute simple scripts (e.g., Powershell, Python, SQL) on cyber defense applications and systems (e.g., those that perform tasks such as: parsing large data files, automating manual tasks, and fetching/processing remote data).
- Leverage vulnerability database sources to understand each weakness, its probability and remediation options, including vendor-supplied fixes and workarounds.
- Conduct continuous discovery and vulnerability assessment of enterprise-wide assets and provide in-depth analysis of vulnerabilities to other team members to assist with overall vulnerability remediation efforts.
- Understand the technical objectives of an adversary, model threats, and document how vulnerabilities are leveraged using OWASP, CVSS, and the MITRE ATT&CK framework to assess risk and implement/validate controls as necessary.
- Identify and respond to potential security events and triage requests through the team mailbox or ticketing system.
- Participate and provide support to business units launching new technology applications or services to verify that products offerings are not at risk of misconfiguration, compromise, or information leakage.
- Ensure cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
- Liaise with the security vendors to improve tool usage and workflow, as well as mature monitoring and response capabilities.
- Assist the SVP-ITO in the development of annual board of director security training
- Keep the SVP-ITO informed of the security posture of the credit union through regular reports;
- Help lead and participate in project planning for business initiatives and is relied upon to research and develop solutions/suggestions to streamline cybersecurity delivery of the roadmap.
- Liaise with key security vendors, partners and managed services providers on daily tasks and issues.
- Presents a helpful and positive attitude, focusing on solutions and always promoting a collaborative environment.
- Practices and brings to life with the team our “Yes And… culture.
- Comply with established regulations and law requirements.
- Perform various other duties as assigned.
Requirements
Required Experience
- Bachelor's degree from an accredited institution in cybersecurity, business, or related field with 4-6 years of relevant work experience OR demonstrated ability to meet the job requirements through a comparable number of years of applicable work experience and education.
- Security certifications such as ISACA Certified Information Security Manager, Microsoft Certified Systems Engineer, or Certified Information Systems Security Professional (CISSP) preferred.
- Experience in designing security architectures to mitigate threats to the enterprise.
Skills, Education and/or Certifications Required
- Must have good knowledge of networks, both LAN and WAN, Server and up and VMWare;
- Proficient in standard IT software, such as Windows, MS Office, MS Visio and security tools;
- Ability to communicate well both verbally and in writing;
- Proven ability to be perceptive in identifying elusive threats, display attention to detail, be able to solve difficult problems and conduct forensic research;
- Must have a desire to self-educate and stay up-to-date on threats, vulnerabilities and solutions to mitigate both;
- Credit Union or financial institution experience preferred;
- Requires an organized, detail-oriented self-starter who is able to work independently;
- Strong processing, analytical and problem solving skills;
- Strong listening and communication skills;
- Possess a strong work ethic and team player mentality;
- Highly developed sense of integrity and commitment to member satisfaction;
- Required to handle all member information in a confidential manner;
- Professional written and verbal communications skills;
Texas Trust Credit Union is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.