SonicJobs Logo
Left arrow iconBack to search

Information Security Administrator

P1FCU
Posted 6 days ago, valid for 16 days
Location

Lewiston, ID 83501, US

Salary

Competitive

Contract type

Full Time

By applying, a Sonicjobs account will be created for you. Sonicjobs's Privacy Policy and Terms & Conditions will apply.

SonicJobs' Terms & Conditions and Privacy Policy also apply.

Sonic Summary

info
  • The Information Security Administrator (ISA) position is located in Warner Branch, Lewiston, ID, and is a full-time role within the Information Technology department.
  • Candidates must have five or more years of experience in information security, systems administration, or a related technology field.
  • The ISA will oversee the administration and enhancement of cybersecurity technologies, ensuring compliance and protection against internal and external threats.
  • Responsibilities include managing security operations, conducting vulnerability assessments, and providing support for security-related issues.
  • The position offers a competitive salary based on experience, with a focus on developing and maintaining a strong security posture for the organization.

Job DetailsJob Location: Warner Branch - Lewiston, ID 83501Position Type: Full TimeRole The Information Security Administrator (ISA) is a member of the Information Technology department and reports to the Information Security Manager (ISM).  The ISA is responsible for the administration, monitoring, and continuous improvement of the credit union's cybersecurity technologies and security controls. This role designs, implements, and maintains solutions that protect systems, networks, applications, and information assets from internal and external threats. The ISA serves as a technical security resource supporting security operations, incident response, vulnerability management, security testing, compliance activities, and the ongoing enhancement of the organization's overall security posture. Major Duties and Responsibilities Information Security Operations: Protect electronic information and infrastructure from external and internal threats, maintain compliance with statutory and regulatory requirements regarding information access, security and privacy. Install, configure, administer, automate, monitor, troubleshoot, and optimize security technologies including firewalls, IDS/IPS, SIEM, DLP, CASB, endpoint protection, email security, secure remote access, and other security infrastructure systems. Design, implement, test, and maintain security controls, configurations, automations, integrations, and architecture improvements to strengthen the credit union's security posture and support operational requirements. Develop and maintain scripts, automations, workflows, and integrations to improve security operations, monitoring, reporting, and response capabilities. Participate in the review and selection process for new information security solutions. Analyze security events, logs, alerts, and network activity to identify threats, suspicious behavior, and indicators of compromise. Investigate, escalate, contain, and resolve security incidents, participate in forensic analysis, and support recovery activities following security events. Perform vulnerability assessments, patch validation, and remediation activities. Analyze vulnerabilities for risk and work with infrastructure, application, and operational teams to implement corrective actions.  Conduct risk and compliance reviews and coordinate third-party assessments and audits. Provide security-related support to users and resolve any security-related issues they encounter. Administer, maintain, monitor, troubleshoot, and support electronic and physical security systems, including video surveillance, access control, alarm, environmental monitoring, and other security monitoring technologies. Participate as a technical lead or advisor on information security initiatives and other ad-hoc projects as assigned. Maintain detailed documentation of all security systems and procedures. Participate in the change and configuration management process, ensuring security-related changes are properly evaluated, documented, tested, and implemented in accordance with established procedures. Produce reports and presentations that outline findings, explain risk positions, and recommend improvements. Maintain records of security incidents, investigations, and outcomes. Conduct technical security assessments, control validation, and security testing to identify weaknesses and verify the effectiveness of implemented controls. Other duties as assigned by management Follows policy and procedures related to Bank Secrecy Act (BSA), Anti-Money Laundering (AML), Customer Identification Program (CIP) and Customer Due Diligence (CDD) daily to ensure compliance with current regulations. Follows policy and procedures related to SARs by reporting suspicious activity to the Compliance department. Responsible for filling out an incident report for detected computer intrusion of Credit Union computer systems per Bank Secrecy Act. Completes mandatory BSA/AML annual training via online web course. Programs, Policies and Plans: Participate in Business Continuity (BCP), Disaster Recovery (DR), and Incident Response (IR) exercises, tabletop scenarios, testing, and recovery activities. Assist with the execution, validation, documentation, and continuous improvement of resilience and recovery capabilities. Support the development, maintenance, and implementation of Cybersecurity and Information Security policies, standards, procedures, and programs that comply with applicable laws, regulations, and industry best practices. Collaboration:  Provide security guidance and input to technical reviews of proposed projects, services and vendors.  Provide security-related support to the IT department and other business units as needed. Work with application and operational teams to encourage a security mindset throughout product development processes from concept to testing and implementation. Coordinate with security vendors, service providers, and technology partners to support system administration, incident response, troubleshooting, upgrades, implementations, maintenance activities, and remediation efforts. Training and Awareness:  Contribute to the development and delivery of security awareness training for employees. Maintain awareness of changing and emerging information security and cyber security threats and provide subject matter expertise to management on a broad range of information security topics and standards. QualificationsKnowledge and Skills Experience a { text-decoration: none; color: #464feb; } tr th, tr td { border: 1px solid #e6e6e6; } tr th { background-color: #f5f5f5; } Five (5) or more years of similar or related experience in information security, systems administration, network administration, or a related technology field, including preparatory experience. Experience administering and supporting security technologies such as firewalls, IDS/IPS, SIEM, endpoint protection, DLP, email security, secure remote access solutions, or similar cybersecurity platforms. Knowledge of various security methodologies, frameworks, and technical security solutions. Knowledge of TCP/IP, computer networking, routing, and switching. Experience with network security technologies and system, security, and network monitoring tools. Experience investigating security incidents and analyzing security, system, and network logs. Fundamental understanding of risk management, cybersecurity frameworks, vulnerability management, and incident response processes. Thorough understanding of security principles, techniques, technologies, and protocols. Experience with security control implementation, system hardening, vulnerability remediation, and security testing methodologies. Familiarity with artificial intelligence (AI) technologies, AI security risks, AI governance principles, or AI security management tools is preferred Experience with scripting, automation, APIs, or systems integration is preferred. Strong analytical, problem-solving, interpersonal, and communication skills. Education/Certifications/Licenses A college degree in Information Technology, Computer Science, Cybersecurity, or a related field, or equivalent work experience, is preferred. Preferred certifications include Security+, CySA+, SSCP, SANS GSEC, SANS GISF, SANS GCIA, or similar cybersecurity certification Interpersonal Skills A significant level of trust, credibility and diplomacy is required. In-depth dialogues, conversations and explanations with customers, direct and indirect reports and outside vendors can be of a sensitive and/or highly confidential nature. Communications may involve motivating, influencing, educating and/or advising others on matters of significance. ADA Requirements Physical Requirements Is able to bend, sit, and stand in order to perform primarily sedentary work with limited physical exertion and occasional lifting of up to 50 lbs. Must be capable of climbing / descending stairs in an emergency situation. Must be able to operate routine office equipment including computer terminals and keyboards, telephones, copiers, facsimiles, and calculators. Must be able to routinely perform work on computer for an average of 6-8 hours per day, when necessary. Must be able to work extended hours or travel off site whenever required or requested by management. Must be capable of regular, reliable and timely attendance. Working Conditions Must be able to routinely perform work indoors in climate-controlled shared work area with minimal noise. Mental and/or Emotional Requirements Must be able to perform job functions independently or with limited supervision and work effectively either on own or as part of a team. Must be able to read and carry out various written instructions and follow oral instructions. Must be able to complete basic mathematical calculations, spell accurately, and understand computer basics. Must be able to speak clearly and deliver information in a logical and understandable sequence. Must be capable of dealing calmly and professionally with numerous different personalities from diverse cultures at various levels within and outside of the organization and demonstrate highest levels of customer service and discretion when dealing with the public. Must be able to perform responsibilities with composure under the stress of deadlines / requirements for extreme accuracy and quality and/or fast pace. Must be able to effectively handle multiple, simultaneous, and changing priorities. Must be capable of exercising highest level of discretion on both internal and external confidential matters.




Learn more about this Employer on their Career Site

Apply now in a few quick clicks

By applying, a Sonicjobs account will be created for you. Sonicjobs's Privacy Policy and Terms & Conditions will apply.

SonicJobs' Terms & Conditions and Privacy Policy also apply.