Manager of IT Security Operations

Company Description

Ent Credit Union exists to improve the financial quality of life of the people we serve. This mission drives us every day, but we are more than our mission. We're also individuals using our unique abilities to make our organization, and the communities we serve, better than they were yesterday. We're a not-for-profit that puts people above profits and actively invests in our community. Our rapidly growing team is expanding our reach to serve more people throughout Colorado. To spread our mission far and wide, we need people like you. If you're interested in a paycheck with a purpose, apply with us today. Our people make the difference, and we truly believe you are our greatest asset.

Job Description

The Manager of IT Security Operations supports the Director of IT Operations, IT departments, and Risk Management by researching technologies, remediating security vulnerabilities, oversight of system patching, and conducting security oversight functions. The Manager IT Security Operations is responsible for understanding a variety of technologies in place at Ent, as well as the regulations and guidelines which drive security requirements for the organization. The Manager IT Security Operations is responsible for leading IT during Security Incident Response issues, ensuring Security tools are maintained and kept up to date, developing and documenting procedures that comply with IT policies and industry best practices; completing tasks required for projects, maintenance, and support. The Manager IT Security Operations ensures that the team meets established Service Level Agreements, identifies trends/problems, allocates staff to meet business objectives, identifies and implements improvements in processes, ensures compliance with policies and procedures, creates and documents efficient and secure procedures, manages IT Security assets, manages vendor relationships, and coordinates team member participation in projects.

Essential Functions

• Management of IT Security Tactical Operations: Supervision of Security Analysts / Engineers for day to day tasks. Annual Staff performance reviews / mentoring / coaching. Budget / Purchase / Cost analysis. Manage all 3rd party service providers (SOCaaS) or technology providers (VAR) Preparation / Reporting of security activities to management. Diagnoses / recommends resolutions for security issues that may require extensive analysis. Analyzes, monitors and acts on information from enterprise security tools.
• Project Support: Provides support and expertise to projects that require security expertise. Typically consults to project teams addressing projects of moderate size and complexity and where the security issues are clearly evident and can be addressed using various approaches. May provide security expertise across multiple technical platforms.
• Strategic Direction of IT Security Systems and support: Begins to propose ideas and contribute to the development of security solutions. Researches opportunities to improve IT security architecture. Effectively contributes to the development of controls and processes improving information security services.
• Bank Secrecy Act: Remains cognizant of and adheres to Ent policies and procedures, and regulations pertaining to the Bank Secrecy Act.

Qualifications

Minimum Formal Qualifications for this Position

• Bachelor's Degree in Computer Science, Information Technology, or similar
• 6+ years' related IT experience
• 2+ years' team lead or management experience
• 3+ years' of security related administration (Preferred)
• 2+ years' financial industry security related administration (Preferred)
• 5+ years of leading technical staff in support, maintenance, or project activities (Preferred)

Each year of relevant work experience may be exchanged for a year in a relevant degree program or vice versa. For example, a requirement of a bachelor's degree in accounting and 2+ years of account experience could be substituted for a high school diploma and 6 years of relevant accounting work experience or a master's degree in accounting and 0 years of work experience.

Technical or Specialized Knowledge/Skills:

• Knowledge of SIEM systems and alerting: LogRhythm/Sentinel
• Knowledge of Endpoint Security systems (antivirus, threat hunting, EDR): Trellix/Datto (Infocyte)/Carbon Black/Windows Defender
• Knowledge of Email Security Gateways: Proofpoint
• Knowledge of Next Gen Firewalls: Checkpoint/Palo Alto
• Knowledge of Cloud Security: Azure PIM/access packages
• Knowledge of Vulnerability Management:
• Knowledge of WAF, Botnet, DDOS Protection: Cloudflare
• Kowledge of Credential Management: Secret Server
• Knowledge of vendor management practices and supplier or third-party management.
• Possesses a working knowledge of security principles, policies, tools and procedures along with an understanding of the overall technical architecture of the organization.
• Demonstrates breadth of knowledge in security with strong understanding in at least one security platform or technology.
• Follows standard procedures to follow up on security incidents, collecting and reporting appropriate information.
• Demonstrates understanding of the financial services industry.
• Maintains working knowledge of various business areas and the security applications that support it.
• Ability to assess the tradeoffs between business needs, technology requirements and costs.
• Communication skills (written, verbal, and listening).
• Demonstrated knowledge of data standards (both data exchange and storage).
• Proficiency with Word, Excel, PowerPoint, Microsoft Project, and Visio.
• (preferred) Strong knowledge of McAfee Anti-virus
• (preferred) Strong knowledge of Microsoft System Center Configuration Manager (SCCM)

Certifications Required:

• CISSP (Required)
• Either CCSP or Microsoft Azure Certified Security Engineer Associate AND one of the following: CISM, Certified SecOPs Professional, or Corexcel Security Operations Management (Required)

Environmental, Physical and Psychological Requirements

• Standing - Occasionally
• Walking - Occasionally
• Sitting - Frequently
• Lifting - Rarely (40 Lbs)
• Carrying - Rarely
• Pushing - Rarely
• Pulling - Rarely
• Balancing - Rarely
• Stooping - Rarely
• Kneeling - Rarely
• Crouching - Rarely
• Crawling - Rarely
• Reaching - Occasionally
• Handling - Occasionally
• Grasping - Occasionally
• Feeling - Occasionally
• Talking - Frequently
• Hearing - Frequently
• Repetitive Motions - Frequently
• Eye/Hand/Foot Coordination - Occasionally
• Noises louder than normal speaking volume - Occasionally
• Temperature Changes - Rarely
• Atmospheric Conditions - Rarely

 

Additional Information

Typical Pay Range: $104,104 to $136,630 per Year (I17)

This position is eligible for our corporate bonus program based on company performance.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities.

Benefits Summary Sheet - 2023

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)