Apply on Employer Site

Genisys Credit Union · 10 hours ago

IT Info/Security Manager

Auburn Hills, MI

Full-time

Onsite

Senior Level

5+ years exp

Genisys Credit Union is seeking an IT Info/Security Manager responsible for developing and delivering a comprehensive information and cybersecurity strategy. The role includes overseeing security systems, managing risks, and ensuring compliance with relevant regulations.

Finance

Responsibilities

Supervise and direct activities of the information security staff

Research and recommend the purchase of software and hardware used for managing security systems

Investigate, test and install new security software applications as warranted

Negotiate contracts and coordinate activities with Credit Union vendors with respect to hardware upgrades, system maintenance, system monitoring and replacement

Remain abreast of information/cyber security technology and trends for improvements in the Credit Union’s security infrastructure

Develop, document and implement credit union policies related to network security

Maintain procedures to analyze, triage, contain, and eradicate malicious activity

Monitor user adherence of Credit Union security policies

Lead the development of processes and procedures to improve incident response times, accurate analysis of incidents

Maintain regular contact with all departments to obtain information about possible security risks

Proactively communicates all incidents and possible security violations to the CIO and IT Security Committee

Maintaining a comprehensive risk management program using generally accepted security management standards

Oversee programs for risk assessment, threat modeling, vulnerability management, and incident prevention

Perform routine risk assessments and execute tests of data processing systems to ensure functioning of data processing security measures

Be the IT lead on external audits/exams working with 3rd party partners and the NCUA and State of Michigan ensuring these partners get the documentation they need to complete their audits

Maintain effective professional relations with vendors and service providers

Ensure strict compliance with relevant standards and regulations. These include NCUA (National Credit Union Administration) regulations, GLBA (Gramm Gramm-Leach-Bliley Act), and other state/federal mandates

Maintain a detailed incident response plan and conduct yearly table top testing

Serve as the IT lead for the Incident Response Team (IRT). Manage the lifecycle of a breach or security event, from detection to post-mortem analysis

Lead enterprise IT risk assessments

Ensure compliance with frameworks and requirements such as NIST

Evaluate the security posture of third-party vendors (FinTech partners, core processors) to ensure they meet the credit union’s security standards

Perform installation, configuration, maintenance, and troubleshooting of all aspects of security on the network

Plans and implements any security upgrades or workstation and servers on the network. Schedule critical systems downtime during non-business hours and weekends for least impacting to users and members

Setup, configure and support internal and external network security devices

Investigate, test and install new security software applications as warranted

Lead in the development and implementation of security best practices and users appropriate use

Lead detailed risk analysis and risk assessment to identify, mitigate, and control risks to infrastructure, information systems, and data; advocate security and risk management to key stakeholders in order to balance security and business needs

Setup, configure, and support the patch management software and maintain documentation

Setup, configure, and support the vulnerability management software and maintain documentation

Setup, configure, and support the SIEM log management and maintain documentation

Works closely with the CIO to develop, document and implement policies related to support, security, and maintenance of all facets of the security infrastructure

Assist with ongoing security awareness programs educating users with proper security practices

Perform other duties, as assigned by management

Qualification

Information SecuritySIEMFirewallVulnerability ManagementCISSPIncident ResponseNetwork SecurityAnalytical SkillsScripting KnowledgeReport WritingTeam Leadership

Required

Bachelor's Degree in Information Security, related degree, or equivalent relevant work experience

Minimum of 5–7 years in information security, with at least 2 years in a leadership or management capacity

Extensive experience with SIEM, IPS/IDS, Firewall, Log management and vulnerability scanning technologies

Investigative and analytical problem-solving skills required – very familiar with Windows, Linux, networking principles, cloud-based solutions, endpoint protection, Microsoft/Google security products and services

Experience performing network and application security penetration testing and/or vulnerability management, interpreting results, and remediating findings

Knowledge of best practice of information security, pertaining to Windows workstations and Windows Servers

Able to effectively manage workload in a fast-paced environment

Experience performing incident triage and response activities

Experience working as a team lead and training and mentoring teammates

Knowledge of VPN and functioning remotely to perform all aspects for networks and systems

Scripting knowledge and report writing

Experience supporting end users

Will quickly acquire thorough knowledge of Genisys Credit Union IT policies and procedures; including policies related to the Bank Secrecy Act (BSA), including Anti-Money Laundering

Experience working with BSA Manager to complete suspicious activity reports when required for items like website disruption or malicious activity that disrupts the network