POSITION PURPOSE
To ensure all service requests are handled within established guidelines and owns all service requests and is responsible for ensuring all service requests are handled properly. To provide first level response and support for all service requests. To provide technical and operational support of credit union information systems including personal computers, peripheral devices, telecommunications, document imaging and storage and core processing systems. To perform maintenance, troubleshooting and repair of information technology hardware and software systems. To coordinate PC system configuration, licensing, hardware refresh processes and equipment disposal processes. To maintain the Cyber Security Program documentation and Cyber Security audits. To maintain Cyber Security related systems/services including but not limited to patch management, SIEM, anti-virus, and content filtering.
ESSENTIAL FUNCTIONS AND BASIC DUTIES
Assumes responsibility for supporting, demonstrating and promoting the Credit Union service culture.
Provides exceptional service to all customers by demonstrating, following, and supporting the Inspired Financial Service promises and standards, along with the Credit Union Mission, Vision and Values.
Assumes responsibility for supporting the following Cyber Security functions:
Performs and maintains documentation of cyber security assessments (ACET and applicable assessments)
System patch management for all systems, including servers, end user computing, firewalls, printers, and network devices. Runs the patch management program using software deployment system or applicable software.
Log and event management and SIEM (Security Incident and Event Management). Responsible for all log and event management / SIEM in accordance with NCUA guidelines.
Vulnerability scans, penetration testing, and security audit management as well as addressing security issues.
Management of Anti-Virus definitions, deployment, and scanning.
Maintains data loss prevention tools/systems, including but not limited to web content filtering, computer baseline images, and access controls required by NCUA.
Validation of user access controls and audits of access controls.
Maintains documentation to support the 5 security domains identified by the NCUA, ensuring monthly reports are completed. Ensures the credit union has adequate documentation to support NCUA audits of the cyber security program in alignment with the ACET.
Cyber risk management and oversight
Threat intelligence and collaboration
Cyber security controls
External dependency management
Cyber incident management and response
Performs or assists with the performance of monthly IT Risk assessments
Creates the following security reports
Log and event management report (SIEM)
Patch management report
Cyber security reports
Web content filtering reports
Data destruction certifications and reports
Cyber threat information, threat reviews and communications, and US Cert alerts
Application access control audits and reporting
Vulnerability assessment reports
Penetration testing reports
Incident reports
IT Security assessments
Firewall reports
Any additional reports or information supporting the information security program
Assumes responsibility for daily infrastructure security support
Analyze IT specifications to assess security risks
Design and implement safety measures and data recovery plans
Install, configure, and upgrade security software (e.g. antivirus programs)
Secure networks through firewalls, password protection and other systems
Inspect hardware for vulnerable points of access
Monitor network activity to identify issues early and communicate them to IT teams
Act on privacy breaches and malware threats
Serve as a security expert and conduct both ongoing and new staff IT security trainings.
Draft policies and procedures
Assumes responsibility for supporting the following systems/services:
Service desk, including management of the service desk ticketing system and all service desk processes or maintenance and management of the Help Desk ticketing system as it relates to security issues
Cyber security related systems including patch management system, BAE vulnerability scans, Symantec Anti-Virus, Orion LEM/SIEM, Baracuda web content filtering and email controls (or the replacement technology for any related systems)
Reporting of service desk performance
End user computing; including inventory management and licensing management.
End user systems and services.
As a system/service technical owner it is expected that this position will obtain sufficient technical knowledge to fully support and manage all assigned systems/services as it relates to security. Additional systems and services may be assigned to this position as the primary system technical owner. Refer to the department listing of system technical owners for more details.
Assumes responsibility for troubleshooting, analyzing problems, and making repairs on computers and peripheral equipment.
Coordinates the service desk ticketing system, including configuration, ticket classifications, ticket routing, and reporting.
Handles all service requests and ensures that they are routed to the appropriate personnel and that the service requests are being worked on.
Performs diagnostics, troubleshooting and repair of servers, personal computers, network infrastructure, telecommunications equipment and data storage equipment and performs root cause analysis of incidents and problems when applicable.
Responsible for effective delivery of the following services: Print, Scanning, Faxing, Phone, Desktop Computing; including but not limited to management of contracts, inventory management, lifecycle management, computer imaging, licensing, troubleshooting and repair.
Coordination and delivery of services for all end user profiles, system access control, system and service moves, adds and changes, and Employee Action Form processes.
Assists with backup and recovery operations.
Coordinates all moves, adds, changes, licensing and service management for telecommunication systems.
Assumes responsibility for performing preventive and diagnostic maintenance on computers, systems, and peripheral equipment.
Performs routine preventive and diagnostic procedures.
Tests software updates, upgrades, and new installations for compatibility with existing software or operating systems on end user computing devices.
Assumes responsibility for setting up and installing new systems, servers, computers, and equipment and for performing upgrades on existing equipment.
Sets up, assembles, and installs new systems and equipment.
Configuring test equipment to include network devices, routers, switches, firewalls, and IPS.
Responsible for troubleshooting of all security related issues, such as spam, phishing and suspicious emails on network.
Assumes responsibility for the appropriate use, maintenance, and storage of testing equipment, repair tools, and parts inventory.
Ensures the credit union have sufficient inventory to maintain a high level of service availability.
Performs testing to ensure equipment performs correctly.
Ensures the credit union has appropriate levels of service to support end user computing services.
Assumes responsibility for establishing and maintaining effective communication and coordination with Company personnel and management.
Provides a high level of customer service by ensuring proper customer communications occur for all service requests.
Coordinates activities such as end user computing upgrades, replacements or changes with department personnel.
Communicates effectively with all customers, suppliers, inside contacts and outside contacts.
Assumes responsibility for related duties as required or assigned.
Manages Service Desk responsible for configuration and maintenance of Help Desk ticketing system.
Participates in continuous learning activities including training, self study and hands on testing and trial of new technologies.
Additional duties and responsibilities may be assigned by management as deemed appropriate.
QUALIFICATIONS
EDUCATION/CERTIFICATION: Minimum Associates degree or equivalent experience. Certifications and experience may be substituted for education. MCP or other certifications are desired. ITIL Foundations certification (within 6 months of employment). Security Plus certification (within 6 months of accepting the position)
EXPERIENCE REQUIRED: Customer Service, General Symitar experience, General experience with end user computing and peripherals, ITIL, Basic Active Directory, Basic networking, and Service Delivery. General knowledge of NCUA audits, the ACET, the FFIEC and documentation required for the 5 cyber security domains.
REQUIRED KNOWLEDGE:Customer serviceService deliverySIEM (security incident and event management)Patch managementAnti-virus managementVulnerability assessment managementGeneral Cyber Security (policies, procedures, and governance)Knowledge of end user computing devices including hardware, operating systems and software.Strong knowledge of business practices such as ITIL foundations, project management, configuration management, incident management, and operational support.Must acquire knowledge of all systems/services for which they are assigned as a technical owner (within 12 months of accepting the position)
#J-18808-Ljbffr
Privacy Policy Contact US
Copyright © 2023 Employ America All rights reserved.