Job Description:
Role

Supports and coordinates information security activities throughout the organization. Acts as a focal point for communications related to information security, both with internal staff and third parties. Works with internal department heads to manifest controls that reflect workable compromises, as well as proactive responses to current and future information security risks. In addition, this position provides support for threat management, analyzing security events, and defining action items for reducing risk in the IT environment. Configures, administers and manages a variety of security applications . Responsible for managing access control and identity processes to ensure appropriate permissions and access levels are granted. Makes independent decisions on matters of moderate complexity, utilizing knowledge of security best practices and good judgment. Gathers input from peers and management on complex situations. Uses appropriate discretion in handling of confidential information, such as employee terminations.

Essential Duties & Responsibilities

• Work with business process owners to define and maintain application security. Consults on and administers appropriate security settings for users, following a least-privilege framework.
• Assists with the development, implementation and maintenance of information security policies, standards and guidelines.
• Manages security-related applications by maintaining, deploying, upgrading, troubleshooting, and monitoring them. Performs tasks following established policies and procedures, with a strong attention to detail. Performs other duties as assigned.
• Participate in proactive team efforts to achieve departmental and company goals.
• Must comply with current applicable laws, regulations and bank policies and procedures. Comply with all safety policies, practices and procedures. Report all unsafe activities to supervisor and/or Human Resources.

Experience

Five to eight years of similar or related experience, including preparatory experience.

Education/Certifications/Licenses

It is recommended the IT Security Analyst position possess one or more of the following certifications: GIAC Security Essentials Certification (GSEC), CompTIA Security+ or Certified Information Systems Security Professional (CISSP).

Skills

• A working knowledge Microsoft Word, Excel, Outlook, Active Directory, Firewalls, Intrusion Detection, Whitelisting, Endpoint Protection, Multi-Factor Authentication and security best practices is imperative.
• A significant level of trust and diplomacy is required to be an effective subject matter expert in the position. In-depth dialogues, conversations and explanations with customers, direct and indirect reports and outside vendors of a sensitive and/or highly confidential nature is a normal part of the day-to-day experience. Communications can involve motivating, influencing, educating and/or advising others on matters of significance.

CapFed® is an equal opportunity employer.