Information Security Analyst

Whitefish Credit Union - Kalispell, MT

posted 4 months ago

Full-time - Mid Level
Kalispell, MT
Credit Intermediation and Related Activities

About the position

The Information Security Analyst at Whitefish Credit Union is responsible for developing and managing the overall security program for the credit union. This role involves collaborating with various departments to ensure compliance with security policies and state and federal regulations. The analyst will oversee the remediation of vulnerabilities and the patching of software, devices, and appliances, while also responding to and resolving security incidents. Keeping abreast of current threats and proactively updating policies and procedures is essential to ensure the security and compliance of the credit union's employees, computer systems, and data. Additionally, the analyst will maintain physical security components such as cameras, badges, sensors, and access control systems, providing timely updates to the Information Security Manager (ISM) on ongoing projects. The position requires recommending and implementing changes to enhance system security and prevent unauthorized access. The analyst will provide direction, develop standards, and initiate processes related to information security. Responsibilities include updating, developing, and reviewing security policies and procedures, as well as maintaining, optimizing, and monitoring internal security systems like SIEM, CASB, DLP, IDS/IPS, and endpoint security solutions. The analyst will report, investigate, and resolve security incidents, manage SaaS and third-party applications with secure configurations, and develop data security standards and classifications. Furthermore, the role involves administering authentication and access controls, conducting risk and compliance assessments, and maintaining an effective vulnerability management program. The analyst will also coordinate with security vendors, aid in the configuration and maintenance of physical security systems, and oversee third-party technology service provider security compliance. Developing and administering information security training for IT personnel and credit union staff is also a key responsibility. The analyst will ensure that all system software is patched regularly and act as the main point of contact for computer security issues, providing feedback to senior IT management for necessary changes to security protocols. Strict adherence to the CIA triad (Confidentiality, Integrity, Availability) is expected in all aspects of the role.

Responsibilities

  • Develop and manage the overall security program for the credit union.
  • Work with various departments to ensure compliance with security policies and regulations.
  • Oversee vulnerability remediation and patching of software, devices, and appliances.
  • Respond to and resolve security incidents.
  • Keep up to date with current threats and proactively update policies and procedures.
  • Maintain physical security components such as cameras, badges, sensors, and access control systems.
  • Provide timely updates to the ISM on current projects.
  • Recommend and implement changes to enhance systems security and prevent unauthorized access.
  • Provide direction, develop standards, and initiate processes related to Information Security.
  • Update, develop, and review security policies and procedures.
  • Maintain, optimize, and monitor internal security systems (SIEM, CASB, DLP, IDS/IPS, and endpoint).
  • Report, investigate, and resolve security incidents.
  • Manage and implement SaaS and third-party applications with secure configuration and authentication technologies.
  • Develop and maintain data security standards and classifications.
  • Administer authentication and access controls, including oversight of provisioning and de-provisioning of user accounts.
  • Research security trends and techniques to preemptively eliminate system breaches.
  • Perform risk and compliance assessments and coordinate third-party risk assessments.
  • Maintain an effective vulnerability management program and recommend secure configurations and patches.
  • Review, assess, and mitigate penetration tests and vulnerability assessments.
  • Coordinate with security vendors and aid in the configuration of physical security systems.
  • Develop and administer information security training for IT personnel and CU staff.
  • Oversight and reporting of all system software patching.

Requirements

  • High school diploma or GED required.
  • Associate degree in Computer Science or related field, or 4+ years of relevant work experience.
  • 2+ years of experience in Information Security or 4+ years in an IT role.
  • Current security certification in CISSP, Security+, OSCP, or equivalent required.
  • Experience in Windows and Active Directory Security and system hardening.
  • Knowledge of best practices for securing data centers, networks, and server components.
  • Familiarity with securing Windows and Linux servers and clients.
  • Familiarity with firewall rule configurations.
  • Excellent communication, customer service, and documentation skills.
  • Strong attention to detail and organizational skills.

Nice-to-haves

  • Experience with IDS/IPS systems.
  • Knowledge of compliance frameworks such as PCI-DSS, HIPAA, or NIST.
  • Experience with cloud security solutions.

Benefits

  • Competitive salary range of $60.1K - $76.1K per year.
  • Opportunities for professional development and training.
  • Health insurance options.
  • Retirement savings plan options.
  • Paid time off and holidays.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service