Summary
The person who fills this role will be responsible for the protection of the company’s physical and non-physical Information Technology assets. This includes monitoring, vulnerability management, security architecture, and IT security controls in relation to corporate policy and industry regulation. Security domain includes network equipment, servers, desktop and laptop computers, software, and electronic information. In the event of a security incident, this individual will determine the root cause, damage, identify the methods utilized by intruder, and ascertain the ongoing potential risk and exposure to the breached system and to the greater client environment. The IT Security Manager will be responsible for the overall IT Security program, the Security Awareness Program, project management of security initiatives, writing security policy, producing security guidelines for IT operations, producing metrics for upper management, and hosting internal security governance meetings. The IT Security Manager must have technical knowledge of Windows Operating Systems, Switches, Routers, Firewalls, Wireshark/Ethereal network captures, and log correlation using SIEM tools.
Responsibilities
- Experience with information security policies, intrusion response procedures, disaster recovery procedures, risk analysis, and significant experience administering the operations of a complex security infrastructure.
- Experience performing Security Audits, Enterprise IDS implementation and testing.
- Experience with System security and controls including Attack and penetration security, Firewall, Identity management, Encryption technology, Assessment of network vulnerability, Network configuration and administration, Virus software, Security auditing techniques.
- Firewall and router configuration, switches, secure network architecture, VPNs, Cisco, sniffer technologies.
- Advanced understanding of Microsoft Active Directory, especially Group Policy Objects.
- Banking or Credit Union experience a plus but not required.
- Strong understanding of: Information Security policies and architectures, Wireless Security auditing and policies, Program change control, System development life cycle, Backup and recovery, Entity Level IT controls - IT Governance, risk assessment, System Security (Windows, Unix, Mac), Application Controls.
- Effective communication skills to translate technical risks and exposures to a business perspective - formal reports and/or presentations.
Qualifications
- Excellent analytical, troubleshooting & interpersonal skills.
- Must hold at least one of the following or be able to achieve certifications within 6 months: CISSP, GSEC, CEH, GCFA, GCIH, Cisco CCNA, SANS
- In-depth understanding of IP networking, networking protocols and security-related technologies. These include encryption, IPsec, PKI, RADIUS, VPN's, firewalls, proxy services, DNS, PGP, SSL, digital signature and digital rights management.
- Penetration Testing-Network, Host, Applications.
- Vulnerability Assessments-Network, Host, Applications.
- Ability to work with internal clients on projects and initiatives to ensure robust IT security elements are planned for.
About the Organization
Marine Credit Union is a member-owned financial cooperative headquartered in La Crosse, Wisconsin which serves more than 90,000 customers across Wisconsin, Iowa, and Minnesota. Marine believes in providing access to quality financial solutions to those in financial need with the mission to help advance their financial journey to a place of ownership.
How to Apply
Marine Credit Union