What are the responsibilities and job description for the Information Security Manager position at BluPeak Credit Union?
Overview:
Imagine embarking on a career where you can bring your big ideas to the table. At BluPeak, we are constantly on the lookout for purpose-driven individuals who are passionate about creating extraordinary experiences for our members and want to have fun while doing it! Come help us deliver on our everyday promise to empower people to achieve peak financial wellness.
Position Summary
The Information Security Manager is responsible for developing and ensuring proper execution of our Information Security Policy and Program. The Policy and Program safeguards member data and other sensitive computer files, in addition to ensuring the integrity, confidentiality, and availability of all USE technology systems including computers, databases, storage systems, web sites, custom software development, and secure data transfers. In this role, the Information Security Manager is people-focused, understands our business operations, and partners with management as administrator of the Information Security Committee.
Finally, the Information Security Manager is service-focused and models the following attributes: leadership, service excellence, models our core values, and meets stated commitments.
Responsibilities:
CERTIFICATES, LICENSES, REGISTRATIONS
OTHER QUALIFICATIONS
BluPeak Credit Union is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected Veteran Status, or any other characteristic protected by applicable federal, state, or local law.
Employment may be contingent upon BluPeak Credit Union’s receipt of an acceptable and job-related background check, drug screen, credit check and vaccine verification, as applicable and permissible by law. BluPeak Credit Union is committed to the safety and wellbeing of our employees and their families; our members and visitors; and the community at large. In accordance with our duty to provide and maintain a workplace that is free of known hazards, we are requiring that employees must have received or be willing to receive the COVID-19 vaccine.
PM17
Min: USD $97,789.60/Yr. Max: USD $146,684.40/Yr.
Peak Performer Wanted!
Imagine embarking on a career where you can bring your big ideas to the table. At BluPeak, we are constantly on the lookout for purpose-driven individuals who are passionate about creating extraordinary experiences for our members and want to have fun while doing it! Come help us deliver on our everyday promise to empower people to achieve peak financial wellness.
Position Summary
The Information Security Manager is highly collaborative and performs exceptionally well in a team environment. The individual demonstrates proven technical security skills and is responsible for maintaining existing security capabilities, implementing appropriate up-to-date security technologies, and contributes to enhancing and extending our security architecture. The Security Administrator supports BluPeak’s security initiatives by researching technologies, and partnering with Enterprise Technology & Architecture; as well as all other areas of our credit union to continually improve our information security posture. A critical position within our Risk Management team, the IT Security Administrator is responsible for understanding a variety of technologies in place at USE, as well as regulations, standards, and guidelines that influence the security program for our organization, such as the Gramm Leach Bliley Act (GLBA), FDIC, NCUA, CIS, NIST, PCI, and Sarbanes-Oxley.
The Information Security Manager is responsible for developing and ensuring proper execution of our Information Security Policy and Program. The Policy and Program safeguards member data and other sensitive computer files, in addition to ensuring the integrity, confidentiality, and availability of all USE technology systems including computers, databases, storage systems, web sites, custom software development, and secure data transfers. In this role, the Information Security Manager is people-focused, understands our business operations, and partners with management as administrator of the Information Security Committee.
Finally, the Information Security Manager is service-focused and models the following attributes: leadership, service excellence, models our core values, and meets stated commitments.
- Develops and maintains information security program related policies and procedures for review and approval by the Information Security Committee
- Drafts annual report to the Board of Directors on the status of the Information Security Program
- Reviews vendor’s SOC1 and SOC2 reports, and ensures entity user controls are in place
- Coordinates the Security Incident Response Program
- Manages the development and execution of approved security framework, such as CIS Critical Security Controls, or NIST Cybersecurity Framework
- Manages employee security awareness training program, including education, testing, monitoring, and reporting
- Monitors enterprise antivirus system for malware or client issues
- Manages the vulnerability management program, including scanning and oversight of remediation efforts
- Manages the response and remediation efforts for third party security testing
- Manages Security Incident and Event Management system (SIEM) by managing the relationship with our Managed Security Software Provider (MSSP) and monitoring and responding to security events
- Performs Active Directory security audits
- Monitors and responds to unauthorized hardware or software installations
- 7/24 ‘on call’ availability; occasionally required to work outside of normal business hours
- Conducts security risk assessment of critical systems and applications
- Able to align business goals with security requirements; then formulate requirements and recommendations for Risk Management, the Information Security Committee, or to the Senior Leadership Team
- Recommends, monitors, and implements new reporting capabilities and processes for management review
- Evaluates security initiatives & leads research endeavors
- Champions and explains security concepts and procedures outlined in Credit Union policies
- Participates in special projects and performs additional duties as required
- As a participating committee member, regularly reports to the Information Security Committee
- Ensures security principles are being addressed; this may include, but is not limited to validation of compliance to server and PC hardening guidelines, patching process, adequate firewall rules are in place, incidents are being addressed in a timely fashion; technology deployments do not put the company at risk, etc.
- Ability to work with highly confidential information in a discretionary manner
- Adheres to BluPeak’s core values in serving others in our “Better Together” culture
- Other duties may be assigned.
EDUCATION and/or EXPERIENCE
- Four (4) year degree in a technology related field or a suitable equivalent such as the following:
- Two (2) year degree plus five (5) years demonstrated experience; or
- Six (6) or more years of demonstrated IT experience in the areas of network administration or cybersecurity
CERTIFICATES, LICENSES, REGISTRATIONS
- CISSP, CISA, CISM, or GIAC preferred
- SANS or other security training
OTHER QUALIFICATIONS
- Must possesses a sound technology background.
- Experience working in security administration programs preferred.
- Knowledge of networking systems, LAN/WAN, Microsoft server operating systems, telephony systems, security appliances, Active Directory, DHCP, VPN, routers, switches, and firewalls is required
- Demonstrated excellence in network and data security practices and policies
- Superb analytical skills
- Excellent customer service
- Strong communication skills (written, verbal, and listening); ability to communicate effectively with staff of varying technical expertise
- High level of organization and prioritization
- Financial, Medical, DOD, or other highly regulated experience required
- May occasionally require an adjusted work schedule, overtime, and evening/weekend hours.
- May occasionally move from one work location/branch to another.
- Frequent computer use at a workstation up to two hours at a time.
- The noise level in the work environment is usually moderate.
BluPeak Credit Union is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected Veteran Status, or any other characteristic protected by applicable federal, state, or local law.
Employment may be contingent upon BluPeak Credit Union’s receipt of an acceptable and job-related background check, drug screen, credit check and vaccine verification, as applicable and permissible by law. BluPeak Credit Union is committed to the safety and wellbeing of our employees and their families; our members and visitors; and the community at large. In accordance with our duty to provide and maintain a workplace that is free of known hazards, we are requiring that employees must have received or be willing to receive the COVID-19 vaccine.
BluPeak Credit Union continues to monitor the pandemic following CDC guidelines, federal state and local laws. Policies continue to be adjusted as new information emerges. BluPeak Credit Union is committed to working and provide reasonable accommodation to applicants with physical, mental disabilities and sincerely held religious beliefs. For more information, contact Human Resources.
PM17
Salary : $146,684
Security Site Manager
Securitas Security Services -
San Diego, CA
Security Operations Manager
Securitas Security Services -
San Diego, CA
Security Account Manager – Special Events Security
Securitas Security Services USA, Inc. -
San Diego, CA
