Information Security/Network Administrator

GENERAL JOB DESCRIPTION

The Information Security/Network Administrator supports the technology infrastructure of the Credit Union which includes operations, maintenance, support of the in-house data center facilities, network, servers, storage, desktop, security environment and level 3 support for the branch and corporate computing environment, risk analysis, monitoring of the network, vulnerability testing and patching, cyber security training, policy administration and vendor management.

DUTIES & RESPONSIBILITIES:

  • Install, configure, monitor, and administer system and network hardware/software
  • Work with vendors to maintain the internal network and devices
  • Implement, manage, and monitor solutions for the following:
    • New or unknown hosts to ensure they are authorized to connect to the internal network
    • Malicious or unauthorized system or network activity
    • Vulnerability identification and management
    • Threat identification and management (viruses, malware, ransomware)
    • Data backups
    • Network and system performance
    • Asset inventory and criticality classification
  • Ongoing risk analysis to Identify new and emerging threats
    • Compliance analysis (such as the FFIEC and NCUA’s Cybersecurity Assessment Tool)
    • Ongoing IS and system audits
    • Network device rule reviews
    • System hardening configuration reviews
    • Employee access reviews
    • Ongoing penetration testing
    • Internal network
    • External network
    • Wireless network
  • Administer cyber-security training for all credit union employees
  • IS POLICY ADMINISTRTION
    • Draft, review, and revise the credit union’s Information Security policies such as Incident Response to ensure clarity, accuracy of the content, and enforcement to so that the appropriate parties are aware of the requirements
  • VENDOR DUE-DILLIGENCE
    • Review Information Security related vendor due-diligence packets on a regular basis (SSAE16, SOC-1, SOC-2) and communicate any concerns to the appropriate parties
  • REMEDIATION
    • Work with fellow team members and service providers to ensure vulnerabilities, deficiencies, or other concerns are documented and addressed promptly for resolution and mitigation
  • ACCOUNTABILITY
    • Provide regular updates on the state of Information Security to fellow team members, management, committees, and the Board of Directors
  • CHANGE MANAGEMENT
    • Ensure that a change management process is in place and followed so that changes are documented, reviewed, tested, and implemented

ESSENTIAL JOB REQUIREMENTS: 

  • College graduate or high school graduate with 6+ years of experience in technology
  • Strong oral and written communication skills
  • Detail oriented
  • Strong organizational and planning skills
  • Ability to work occasional evening and weekends
  • Ability to manage multiple tasks in a fast paced environment
  • Provides friendly, prompt, professional and accurate service and support to all members and associates
  • Maintains a dependable record of attendance and timeliness
  • Knowledge of MCCU products and services

SKILLS/ABILITIES: 

  • Knowledge of social engineering
  • Experience in IT and Security audits
  • Experience in identifying vulnerabilities and applying corrective actions
  • Experience in network integrity and potential risk improvement
  • Knowledge of regulatory rules and changes
  • Ability to facilitate meetings and projects across the organization
  • Experience using Terminal Services / Virtual Desktop
  • Strong understanding of TCP/IP,DHCP, DNS, and WINS
  • Strong understanding of Internet DNS domains and name resolution
  • Basic understanding of PKI and use of SSL certificates
  • Knowledge of implementing Active Directory Group Policies, including software, security, login and logout
  • Knowledge of Microsoft IIS Server including SSL
  • Knowledge and use of Windows Server Security best practices
  • Experience using operating system imaging technology
  • Working knowledge of Microsoft Server
  • Strong understanding of network routing/switching and firewalls (Cisco preferred), including LAN and WAN
  • Experience using SNMP for system monitoring/alerting
  • Practical experience with Intel based servers, storage and data management products
  • Minimum of 3 hours of MCCU approved volunteer hours.