1st Mid America Credit Union
Security Information Analyst
1st Mid America Credit Union, East Alton, Illinois, United States, 62024
Print
1st MidAmerica Credit Union
Structured Compensation - Job Description
Security Information Analyst
Role:
Assists in the development, implementation, monitoring and reporting of Information Security programs. Ensures all appropriate industry measures are taken to limit the risk of loss of member information and/or organizational proprietary data. Promote security awareness programs throughout the credit union.
Essential Functions & Responsibilities:
Maintains knowledge of and ensures compliance with IT security regulations.
Conducts a risk analysis that identifies and ranks risk to the network, network resources and stored data.
Establish and maintain information security standards and procedures in compliance with all regulatory agencies/groups and industry best practices.
Monitor an report on adherence to Information Security standards established internally and across the industry spectrum. Recommend changes to ensure secure and compliant technology operations.
Conducts periodic security audits.
Conducts firewall and IPS policy reviews.
Develops and implements security policies that outline users' security related roles and responsibilities.
Defines and communicates security violation response procedures and practices.
Develops, monitors, and reports on information security performance metrics (such as threat level, vulnerability level, problem resolution time, etc.).
Identifies areas of non-compliance and makes recommendations for achieving compliance.
Monitors traffic and access logs in order to verify compliance. Coordinates data destruction and secure disposal of hardware.
Coordinates data destruction and secure disposal of hardware.
Actively works to reduce risk levels for the Credit Union. Keeps updated on IT security regulation changes and new developments in the IT security environment.
Other duties as assigned.
Performance Measurements:
1. To follow all company policies and act as a role model to others in the following of these policies. This
includes, but is not limited to, providing exceptional internal and external service, championing credit union
values, representing the credit union with a high level of professionalism and support.
2. Maintain applicable industry knowledge and certifications.
3. Deliver Information Security related communications and training to multiple audiences with varying
degrees of technical savvy.
4. Self-motivated requiring minimal guidance on deliverable expectations.
Knowledge and Skills:
Experience Bachelor's degree in Computer Information Sciences, Information Technology,
Engineering or a related technical field or: An Associates degree in Computer Science or related field plus 2 years of relevant work
experience.
Three years to five years experience directly related to Information Security.
Applicable industry certifications would be desired: CompTIA Security +,, GSEC or SSCP.
Education (1) A bachelor's degree, or (2) achievement of formal certifications recognized in the
industry as equivalent to a bachelor's degree (e.g., information technology certifications in
lieu of a degree).
Interpersonal Skills Work involves much personal contact with others inside and/or outside the organization for
the purpose of first-level conflict resolution, building relationships, and soliciting
cooperation. Discussions involve a higher degree of confidentiality and discretion,
requiring diplomacy and tact in communication.
Other Skills Strong investigative skills to include ability to analyze and troubleshoot issues.
Practical application of FFEIC, PCI DSS and other industry related guidelines.
Active work in data loss prevention principles.
Experience working in an IT environment including strong change control and
configuration management practices.
Applied experience in risk assessments, vulnerability mitigations and compensating
controls.
Applied experience working with relevant third party tolls including intrusion detection,
firewall, patch management, etc.
Experience with logical and physical security investigations, mitigation and controls.
Physical
Requirements
Work Environment
Disclaimer:
Must be able to work and travel to different credit union locations as determined by management.This Job Description is not a complete statement of all duties and responsibilities comprising the position.
1st MidAmerica Credit Union
Structured Compensation - Job Description
Security Information Analyst
Role:
Assists in the development, implementation, monitoring and reporting of Information Security programs. Ensures all appropriate industry measures are taken to limit the risk of loss of member information and/or organizational proprietary data. Promote security awareness programs throughout the credit union.
Essential Functions & Responsibilities:
Maintains knowledge of and ensures compliance with IT security regulations.
Conducts a risk analysis that identifies and ranks risk to the network, network resources and stored data.
Establish and maintain information security standards and procedures in compliance with all regulatory agencies/groups and industry best practices.
Monitor an report on adherence to Information Security standards established internally and across the industry spectrum. Recommend changes to ensure secure and compliant technology operations.
Conducts periodic security audits.
Conducts firewall and IPS policy reviews.
Develops and implements security policies that outline users' security related roles and responsibilities.
Defines and communicates security violation response procedures and practices.
Develops, monitors, and reports on information security performance metrics (such as threat level, vulnerability level, problem resolution time, etc.).
Identifies areas of non-compliance and makes recommendations for achieving compliance.
Monitors traffic and access logs in order to verify compliance. Coordinates data destruction and secure disposal of hardware.
Coordinates data destruction and secure disposal of hardware.
Actively works to reduce risk levels for the Credit Union. Keeps updated on IT security regulation changes and new developments in the IT security environment.
Other duties as assigned.
Performance Measurements:
1. To follow all company policies and act as a role model to others in the following of these policies. This
includes, but is not limited to, providing exceptional internal and external service, championing credit union
values, representing the credit union with a high level of professionalism and support.
2. Maintain applicable industry knowledge and certifications.
3. Deliver Information Security related communications and training to multiple audiences with varying
degrees of technical savvy.
4. Self-motivated requiring minimal guidance on deliverable expectations.
Knowledge and Skills:
Experience Bachelor's degree in Computer Information Sciences, Information Technology,
Engineering or a related technical field or: An Associates degree in Computer Science or related field plus 2 years of relevant work
experience.
Three years to five years experience directly related to Information Security.
Applicable industry certifications would be desired: CompTIA Security +,, GSEC or SSCP.
Education (1) A bachelor's degree, or (2) achievement of formal certifications recognized in the
industry as equivalent to a bachelor's degree (e.g., information technology certifications in
lieu of a degree).
Interpersonal Skills Work involves much personal contact with others inside and/or outside the organization for
the purpose of first-level conflict resolution, building relationships, and soliciting
cooperation. Discussions involve a higher degree of confidentiality and discretion,
requiring diplomacy and tact in communication.
Other Skills Strong investigative skills to include ability to analyze and troubleshoot issues.
Practical application of FFEIC, PCI DSS and other industry related guidelines.
Active work in data loss prevention principles.
Experience working in an IT environment including strong change control and
configuration management practices.
Applied experience in risk assessments, vulnerability mitigations and compensating
controls.
Applied experience working with relevant third party tolls including intrusion detection,
firewall, patch management, etc.
Experience with logical and physical security investigations, mitigation and controls.
Physical
Requirements
Work Environment
Disclaimer:
Must be able to work and travel to different credit union locations as determined by management.This Job Description is not a complete statement of all duties and responsibilities comprising the position.