Description:

Under the direction of the Manager, responsible for day-to-day Information Security Operations activities as outlined below. Provides enterprise-wide, risk based security and continuity capabilities to meet changing internal and external security threats. If applicable or appropriate, assists in business unit’s compliance with applicable laws, regulations, regulatory requirements and Bank policies and procedures, including but not limited to those related to Fair Banking, Anti-Money Laundering laws and regulations, Bank Secrecy Act and USA PATRIOT Act.

Security Monitoring

• Monitors Information Technology (IT) security controls (Data Loss Prevention, IDS/IPS, Endpoint Protection, Email Security, SIEM, etc.).

• Monitors system security threat levels and develops appropriate alerting and reporting processes. Acts as an escalation point for security incidents. Leads team and document actions in incident response procedures for information security events.

• Logs and tracks security issues, responds to questions/support requests, and meets established service levels. Reports information security metrics and data to management. Provides detailed and thorough written analysis results for security incidents/events to appropriate parties.

• Assists with containment of threats and remediation of environment during or after an incident.

• Performs root cause analysis to determine incident attack chain and impact.

• Reports information security metrics on a regular basis to keep senior management informed of risk in the environment.

Security Operations Support

• Administers and supports IT security systems, including, but not limited to, system administration, configuration management, and vulnerability management.

• Implements security updates and enhancements and follows risk management guidelines and procedures to ensure compliance with applicable BOH policies.

• Assists in security system updates, and ensures processes are in place so similar updates are applied to underlying infrastructure and associated interfaces.

• Maintains documentation of security procedures, security system configuration standards, maintenance, upgrades, technical development, and subsequent revisions. Maintains knowledge of assigned products and services.

• Plans and executes security application and systems installations and upgrades, including security and program configuration and maintenance for business applications and databases in production, development, test, and disaster recovery environments.

Implementation

• Implements and maintains security systems as specified by a given set of requirements.

• Ensures systems configuration changes produced individually or by vendors adheres to the Bank’s standards and applicable business requirements.

• Maintains and enhances third-party software.

• Coordinates testing and implementation with business units and other IT groups to ensure production is not disrupted.

• Designs security applications recommendations based on industry best practices.

• Identifies gaps in security tools and architect recommendations for improvements to policies and settings. Researches and presents any additional technology needed to address gaps not covered by current tools.

Leadership

• Participates in team events and projects.

• Supports IT and business unit team members with new projects and information security initiatives.

• Educates users on security systems and processes, and acts as subject matter expert

• Provides cross training with other team members to maintain effective back-up.

• Participates in the evaluation and implementation of new security technology.

• Takes initiative to become educated and knowledgeable on security topics.

• Develops and communicates career goals to management, works with management to develop plan for achieving career objectives.

• Participates in interviews and selection of prospective new staff members.

Vendor Management

• Coordinates with and maintains highly collaborative relationships with vendors.

Performs all other miscellaneous responsibilities and duties as assigned.

This position requires use of a personal computer and other standard office equipment.

Skills:

Third party risk, Risk management, Security, Compliance, Risk assessment

Additional Skills & Qualifications:

Education: Bachelor’s degree in computer science or management information systems from an accredited institution or equivalent work experience.

Experience: Minimum of 10 years of related work experience in information technology.

Technical Skills: Demonstrated proficiency and expertise with personal computers in a networked environment and with Microsoft applications (Outlook, Word, Excel, Access, PowerPoint and SharePoint) or similar software. Knowledge of or ability to use Bank software and systems. In addition, should have most or all the following knowledge and experience:

• Microsoft, Cisco, ISC2, SANs, CompTIA certifications preferred, but not required.

• Microsoft Active Directory and Domain Administration.

• Strong Information Security Controls analysis (IDS/IPS, SIEM, System Forensics, DLP, EDR)

• Strong Knowledge and experience in Windows systems administration, systems monitoring, troubleshooting, installing and configuring Windows, and patching and securing the Windows Operating System

• Strong Networking Knowledge (Cisco IOS, routing, switching, firewalls)

• Strong Knowledge of server virtualization concepts, imaging, and configuration management.

• Strong Scripting and programming knowledge such as C, C++, Windows PowerShell, VBScript, and DOS.

• Strong Linux/Unix knowledge.

• Strong Virtual Environment knowledge.

• Strong Penetration/Vulnerability testing skills.

• Strong Threat hunting/gathering information skills.

• Reverse engineering skills (malware, scripts, applications)

• Information Security consulting and advising experience

• Risk Management knowledge

• Architecture and design skills based on information security best practices

• Knowledge and understanding of industry trends and new technologies and ability to apply this to day-to-day work activities.

Other Job Qualifications:

• Excellent oral and written communication skills.

Experience Level:

Expert Level

About TEKsystems:

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.