Overview

PRIMARY PURPOSE: The security specialist is responsible for administering, coordinating, and evaluating security programs that support the strategy, policies, and standards established for the physical and logical safety of all data and applications at CBC. Compiles data and tracks tasks for audits, exams, and IT related tools in the security space. Assists with the development and execution of staff security training and awareness.

ESSENTIAL DUTIES:

  • Practice CBC core values:
    • Make It Right-CBC pledges to do the right thing for our credit union by providing the greatest benefit possible to our members and our community
    • Make It Easy-CBC pledges to provide easy financial solutions, convenient locations, efficient service, and simplified processes
    • Make It Personal-CBC pledges to nurture deep, personal relationships with members, based on their individual needs and preferences
  • Responsible for monitoring multiple platforms utilized to protect member’s data.
  • Prepare thorough and thoughtful weekly status reports.
  • Provide accurate and actionable reports to IT Management, Risk and Compliance, and auditors.
  • Support Information Security Program Administration
  • Support preparation of business proposals for presentation to multiple levels of team members at the credit union and/or committee members
  • Primary support individual for security-based incidents.
  • Investigate security-based incidents through multiple platforms utilized to diagnose impact of incident, resolution steps, risk for future incidents and advisement and implementation of long-term changes to better secure incident item
  • Provide suggestions for future deployments and configuration changes to enhance security aspects of hardware, software, and systems
  • Support administration of all systems utilized within the credit union to ensure security standards are met and optimization of use is possible within the credit union.
  • Train IT staff in the policies and procedures contained in the Information Security Program.
  • Assist in creating training materials, presentations and talking points related to security awareness
  • Assist in training credit union team members on security awareness.
  • Work with other members of IT Team jointly in reference to vulnerability assessments, remediation processes, new system deployments, new workstation, and server deployments.
  • Serve as security review of changes through change control platform
  • Perform other duties as assigned.


REQUIRED KNOWLEDGE, SKILLS, AND ABILITIES:
The requirements listed below are representative of the knowledge, skills and ability required of an individual to satisfactorily perform the essential duties of this job.

  • Should have working knowledge of financial industry IT regulations. Understand, support, and follow policies and procedures contained in the Information Security Program IT Handbook.
  • Ability to carryout instructions independently and exhibit strong problem‐solving and project management skills. Recommend solutions.
  • Knowledge of network infrastructure, Microsoft tools and services, and computer troubleshooting.
  • Develops, coordinates, and manages project plans; Must demonstrate flexibility while engaging in the planning process and be able to establish and maintain effective relationships with team members/vendors.
  • Must be able to clearly communicate orally and in writing. Must be able to read and interpret written information.
  • Understands business implications of decisions; Displays orientation to profitability. Aligns work with strategic goals.
  • Follows policies and procedures; Completes administrative tasks correctly and on time; supports organization’s goals and values; Benefits organization through outside activities; Supports affirmative action and respects diversity.
  • Develops strategies to achieve organizational goals; Understands organization’s strengths & weaknesses; Analyzes market and competition; Identifies external threats and opportunities; Adapts strategy to changing conditions.
  • Displays willingness to make decisions; Exhibits sound and accurate judgment; Supports and explains reasoning for decisions; Includes appropriate people in decision-making process; Makes timely decisions.
  • Demonstrates accuracy and thoroughness; Looks for ways to improve and promote quality; Applies feedback to improve performance; Monitors own work to ensure quality.
  • Adapts to changes in the work environment; Manages competing demands; Changes approach or method to best fit the situation; Able to deal with frequent change, delays, or unexpected events.
  • Knowledge of BSA/AML/OFAC regulations as they apply to this role. Must complete annual required training.
  • Balances team and individual responsibilities; Exhibits objectivity and openness to others’ views; Gives and welcomes feedback; Contributes to building a positive team spirit; Puts success of team above own interests; Able to build morale and group commitments to goals and objectives; Supports everyone’s efforts to succeed.
  • Treats people with respect; Keeps commitments; inspires the trust of others; Works with integrity and ethically; Upholds organizational values.
  • Should have working knowledge of cyber security systems and tools in a financial or highly sensitive data environment


EDUCATION and/or EXPERIENCE:
Bachelor’s degree OR equivalent combination of education and experience, and three to five years of related experience and/or training. Demonstrated excellence in providing service to others. Preferred certifications in relation to job duties or security systems/tools. Proven excellence in cyber incident investigations and remediations. Proven excellence in securing networks, systems, devices, and recommendations to improve security. Vulnerability remediation. Managing experience with outside resources to augment oversight of outsourced security resources available.


SUPERVISORY RESPONSIBILITIES:
This position has no supervisory responsibilities.


PHYSICAL REQUIREMENTS:
The physical demands described below are representative of those that must be met by an employee to successfully perform the essential duties of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential duties.

This position is of light physical activity performing non-strenuous daily tasks of a productive/technical nature. Requires the ability to frequently sit and frequently use both hands for fine manipulation. Occasionally requires the ability to walk, stand, bend neck and waist, squat, climb, kneel, and crawl. Occasionally required to carry up to 25 pounds and up to three feet in height. Manual dexterity sufficient to reach/handle items, work with the fingers and perceives attributes of objects and materials.

WORK ENVIRONMENT: Work area is a well-lighted, air-conditioned indoor office setting with adequate ventilation. The noise level is moderate. There is an occasional risk of electrical shock.

WORK SCHEDULE: Workweek will be 40 hours with some overtime as needed. Occasional attendance at meetings before or after scheduled hours may be required. Management reserves the right to change any employee’s work schedule to meet the operational needs of the Credit Union. Furthermore, management reserves the right to reassign any employee, either temporarily or permanently, to work at another credit union location.


TRAVEL:
Minimal overnight travel (up to 5%) by land and/or air.