POSITION PURPOSE

To ensure all service requests are handled within established guidelines and owns all service requests and is responsible for ensuring all service requests are handled properly. To provide first level response and support for all service requests. To provide technical and operational support of credit union information systems including personal computers, peripheral devices, telecommunications, document imaging and storage and core processing systems. To perform maintenance, troubleshooting and repair of information technology hardware and software systems. To coordinate PC system configuration, licensing, hardware refresh processes and equipment disposal processes. To maintain the Cyber Security Program documentation and Cyber Security audits. To maintain Cyber Security related systems/services including but not limited to patch management, SIEM, anti-virus, and content filtering.

ESSENTIAL FUNCTIONS AND BASIC DUTIES

Assumes responsibility for supporting, demonstrating and promoting the Credit Union service culture.

Provides exceptional service to all customers by demonstrating, following, and supporting the Inspired Financial Service promises and standards, along with the Credit Union Mission, Vision and Values.

Assumes responsibility for supporting the following Cyber Security functions:

Performs and maintains documentation of cyber security assessments (ACET and applicable assessments)

System patch management for all systems, including servers, end user computing, firewalls, printers, and network devices. Runs the patch management program using software deployment system or applicable software.

Log and event management and SIEM (Security Incident and Event Management). Responsible for all log and event management / SIEM in accordance with NCUA guidelines.

Vulnerability scans, penetration testing, and security audit management as well as addressing security issues.

Management of Anti-Virus definitions, deployment, and scanning.

Maintains data loss prevention tools/systems, including but not limited to web content filtering, computer baseline images, and access controls required by NCUA.

Validation of user access controls and audits of access controls.

Maintains documentation to support the 5 security domains identified by the NCUA, ensuring monthly reports are completed. Ensures the credit union has adequate documentation to support NCUA audits of the cyber security program in alignment with the ACET.

Cyber risk management and oversight

Threat intelligence and collaboration

Cyber security controls

External dependency management

Cyber incident management and response

Performs or assists with the performance of monthly IT Risk assessments

Creates the following security reports

Log and event management report (SIEM)

Patch management report

Cyber security reports

Web content filtering reports

Data destruction certifications and reports

Cyber threat information, threat reviews and communications, and US Cert alerts

Application access control audits and reporting

Vulnerability assessment reports

Penetration testing reports

Incident reports

IT Security assessments

Firewall reports

Any additional reports or information supporting the information security program

Assumes responsibility for daily infrastructure security support

Analyze IT specifications to assess security risks

Design and implement safety measures and data recovery plans

Install, configure, and upgrade security software (e.g. antivirus programs)

Secure networks through firewalls, password protection and other systems

Inspect hardware for vulnerable points of access

Monitor network activity to identify issues early and communicate them to IT teams

Act on privacy breaches and malware threats

Serve as a security expert and conduct both ongoing and new staff IT security trainings.

Draft policies and procedures

Assumes responsibility for supporting the following systems/services:

Service desk, including management of the service desk ticketing system and all service desk processes or maintenance and management of the Help Desk ticketing system as it relates to security issues

Cyber security related systems including patch management system, BAE vulnerability scans, Symantec Anti-Virus, Orion LEM/SIEM, Baracuda web content filtering and email controls (or the replacement technology for any related systems)

Reporting of service desk performance

End user computing; including inventory management and licensing management.

End user systems and services.

As a system/service technical owner it is expected that this position will obtain sufficient technical knowledge to fully support and manage all assigned systems/services as it relates to security. Additional systems and services may be assigned to this position as the primary system technical owner. Refer to the department listing of system technical owners for more details.

Assumes responsibility for troubleshooting, analyzing problems, and making repairs on computers and peripheral equipment.

Coordinates the service desk ticketing system, including configuration, ticket classifications, ticket routing, and reporting.

Handles all service requests and ensures that they are routed to the appropriate personnel and that the service requests are being worked on.

Performs diagnostics, troubleshooting and repair of servers, personal computers, network infrastructure, telecommunications equipment and data storage equipment and performs root cause analysis of incidents and problems when applicable.

Responsible for effective delivery of the following services: Print, Scanning, Faxing, Phone, Desktop Computing; including but not limited to management of contracts, inventory management, lifecycle management, computer imaging, licensing, troubleshooting and repair.

Coordination and delivery of services for all end user profiles, system access control, system and service moves, adds and changes, and Employee Action Form processes.

Assists with backup and recovery operations.

Coordinates all moves, adds, changes, licensing and service management for telecommunication systems.

Assumes responsibility for performing preventive and diagnostic maintenance on computers, systems, and peripheral equipment.

Performs routine preventive and diagnostic procedures.

Tests software updates, upgrades, and new installations for compatibility with existing software or operating systems on end user computing devices.

Assumes responsibility for setting up and installing new systems, servers, computers, and equipment and for performing upgrades on existing equipment.

Sets up, assembles, and installs new systems and equipment.

Configuring test equipment to include network devices, routers, switches, firewalls, and IPS.

Responsible for troubleshooting of all security related issues, such as spam, phishing and suspicious emails on network.

Assumes responsibility for the appropriate use, maintenance, and storage of testing equipment, repair tools, and parts inventory.

Ensures the credit union have sufficient inventory to maintain a high level of service availability.

Performs testing to ensure equipment performs correctly.

Ensures the credit union has appropriate levels of service to support end user computing services.

Assumes responsibility for establishing and maintaining effective communication and coordination with Company personnel and management.

Provides a high level of customer service by ensuring proper customer communications occur for all service requests.

Coordinates activities such as end user computing upgrades, replacements or changes with department personnel.

Communicates effectively with all customers, suppliers, inside contacts and outside contacts.

Assumes responsibility for related duties as required or assigned.

Manages Service Desk responsible for configuration and maintenance of Help Desk ticketing system.

Participates in continuous learning activities including training, self study and hands on testing and trial of new technologies.

Additional duties and responsibilities may be assigned by management as deemed appropriate.

QUALIFICATIONS

EDUCATION/CERTIFICATION: Minimum Associates degree or equivalent experience. Certifications and experience may be substituted for education. MCP or other certifications are desired. ITIL Foundations certification (within 6 months of employment). Security Plus certification (within 6 months of accepting the position)

EXPERIENCE REQUIRED: Customer Service, General Symitar experience, General experience with end user computing and peripherals, ITIL, Basic Active Directory, Basic networking, and Service Delivery. General knowledge of NCUA audits, the ACET, the FFIEC and documentation required for the 5 cyber security domains.

REQUIRED KNOWLEDGE:Customer serviceService deliverySIEM (security incident and event management)Patch managementAnti-virus managementVulnerability assessment managementGeneral Cyber Security (policies, procedures, and governance)Knowledge of end user computing devices including hardware, operating systems and software.Strong knowledge of business practices such as ITIL foundations, project management, configuration management, incident management, and operational support.Must acquire knowledge of all systems/services for which they are assigned as a technical owner (within 12 months of accepting the position)

#J-18808-Ljbffr