Security Administrator

The Security Administrator supports the Bank's risk management efforts and works closely with the Information Security and Technical Services teams on the development, maintenance and documentation of all information security controls and toolsets. The individual in this role is responsible for conducting security related analysis on activities pertaining to threats, events, and security incidents and keeping abreast of emerging threats and security related events.

ESSENTIAL FUNCTIONS:

Information Security System Administration:

• Administers the Identify Access Management (IAM) program and reporting.

• Works with the Information Security and Technical Services teams to develop and maintain information security access controls for the following environments:

• On-premise

• Multi-cloud

• Exchange and Sharepoint

• Data transfer/data collaboration (e.g., Sharefile)

• Collaborates with Information Security and Technical Services teams to develop, maintain, and provide system administration and documentation for the Bank's toolsets including:

• Data classification

• Data Loss Prevention (DLP)

• Privileged Access Manager (PAM)

• Security Password Manager (aka Secret Server)

• Security Awareness Training (SATE)

• Email and archive service

• Works on internal investigation, e-discovery, or litigation hold requests as directed by the Information Security Officer or authorized designee.

• Works with Managed Security Operations Provider (SOC) in collaboration with Information Security and Technical Services teams to identify and triage security alerts as directed.

• Deploys Managed Detection and Risk (MDR) agents as needed in support of the Security Operations Provider (SOC) program.

• Develops and maintains the Managed Risk (MR) toolset along with documentation currently provided by the managed Security Operations Provider (SOC) to identify CVSS high risk score vulnerabilities. Collaborates with Information Security staff and Technical Services to remediate CVSS high score vulnerabilities.

• Maintains and provides system administration (including documentation) on the banks email hygiene, Anti-malware, DNS Filtering and web security (filtering) environment in collaboration with the Information Security team and Technical Services.

• Implements security projects as assigned by the Senior Security Administrator or the Information Security Officer.

• Provides FIS core hosted security consultation as needed.

• Provides Online Banking (OLB) provider consultation as needed.

• Responds to information security related support tickets from the Bank's Help Desk and other technical services staff.

• Troubleshoots and resolves network problems as it pertains to information security controls.

• Perform special projects and research as assigned.

MINIMUM QUALIFICATIONS:

Core Job Specific Competencies:

• Analytical Thinking: Divides an object or issue into its component parts in order to understand how they interrelate; recognizes cause and effect relationships; considers several explanations/plans and makes logical conclusions.

• Accountability: Shows commitment, dedication, and dependability in all aspects of the job; fulfills commitments made to peers, co-workers, and management; accepts responsibility for actions and results.

• Attention to Detail: Accomplishes tasks with concern for all areas involved; shows concern for all aspects of the job; accurately checks for processes and tasks and follows up in a timely manner.

• Continuous Learning: Takes responsibility for own learning and development by acquiring and refining technical and professional skills; proactively seeks performance feedback and makes improvements.

• Customer Service: Provides internal and external customers with the products and services that match their needs in a timely, efficient manner. Follows up on complaints, questions, and requests.

• Flexibility/Adaptability: Understands that the work environment is constantly changing and adjusts own approach and behavior accordingly; adapts to new ideas and initiatives; recognizes and responds quickly to shifting priorities.

• Initiative: Contributes more than is required or expected to enhance service, avoid problems, or develop opportunities; plans ahead for upcoming problems and opportunities and takes appropriate action; demonstrates a sincere positive attitude toward getting things done.

• Planning/Organizing: Coordinates resources effectively and develops courses of action that support strategic goals and objectives; anticipates potential problems and takes proactive steps to avert or overcome them.

• Problem Solving: Develops actionable recommendations based on an understanding of trade-offs; commits to action after identifying alternative methods that are based on logical assumptions and information; takes into consideration resources, constraints, bank values, and changing environments.

• Teamwork: Works cooperatively with others as part of a formal or informal team to accomplish Bank goals

• Verbal Communication: Expresses ideas effectively and attentively listens to others to gather data and paraphrase meaning to verify understanding.

• Written Communication: Uses correct English grammar, punctuation, and spelling; communicates information in a succinct and organized manner; produces written technical material that is appropriate for the intended audience.

Knowledge, Skills and Abilities:

• Knowledge of network including LAN, VoIP, VPN access, connections and services

• Knowledge in Windows Server, Active Directory, Exchange Server and SQL Server

• Knowledge of Microsoft Operating System

• Knowledge of Microsoft Visio Diagramming

• Knowledge of ITSM software Knowledge of ITIL and Agile project methodologies

• Knowledge of all system utility applications

• Experience with VMware (latest version)

• Familiarity with scripting languages such as Powershell and Python

• Knowledge in troubleshooting and root cause analysis in computer hardware and software including responding to information security incidents

• Knowledge of computer network operations in a complex Microsoft Windows, Cisco, Ethernet, TCP/IP, and AS/400 environment with Internet access

• Knowledge of information security principles and procedures

• Knowledge of intrusion detection and prevention systems

• Knowledge of financial institution operations and environment preferred

• Skills operating a personal computer including word processing, spreadsheet and presentation software

• Ability to handle multiple priorities simultaneously

• Ability to work flexible hours when required

Licenses and Certifications

• Comp TIA Security + (preferred, not required)
• Other Information Security and Technology related certifications helpful

Physical Requirements:

• Ability to stand, bend, stoop, sit, walk, twist and turn

• Ability to lift up to 50 pounds occasionally

• Ability to use a computer keyboard and calculator

• Work environment is indoors, majority of the time is spent sitting or standing at a desk

Education and Experience:

A combination of education and experience equivalent to a bachelor's degree in Information Technology or related field; and knowledge typically gained through a minimum of two years of experience in Information Technology.

Compensation:

The hiring range for this position is $38.85 to $48.57 per hour. The compensation offered will fall within this range, commensurate with the candidate's applicable experience, education and skills.

Who We Are

Established in 1890, Exchange Bank is one of the most unique community banks in the United States because of our history, ownership and legacy. Our employees enjoy a work environment that values a work/family balance, encourages community involvement and provides a competitive compensation and benefit package.

Our Mission

• From generation to generation, we invest in people, business and community to build a strong future.

Our Core Values

• Commitment, Respect, Integrity, Teamwork