Division: Information Services

Job Overview

The Information Security Officer (ISO) is accountable for ensuring appropriate controls are in place for the security of information assets. The ISO safeguards information by seeing that security risks are identified, assessed and accurately reported. Additionally, the ISO is charged with ensuring local procedures and activities comply with all regulatory requirements and internal policies, procedures, guidelines and standards. The ISO is the center of competence for Information Security providing an advisory services role and acting as the focal point for security compliance related activities and responsibilities.

Role

In the role, you will…

  • Diligently maintain IRIS’ Information Security Framework and underlying policies, procedures, standards and guidelines
  • Take the lead on developing, maintaining and updating the Information Security Strategy and Information Security Program
  • Actively ensure appropriate administrative, physical and technical safeguards are in place to protect IRIS’ information assets from internal and external threats
  • Meticulously identify, introduce and implement appropriate procedures, including checks and balances, are in place to test these safeguards on a regular basis
  • Thoroughly conduct and complete annual reviews and audits as required engaging both internal business partners across the organization and external resources
  • Make it a priority to see that disaster recovery and emergency operating procedures are in place and tested on a regular basis
  • Act as the committed owner of the security incident and vulnerability management processes from design to implementation and beyond
  • Passionately manage and assist in performing on-going security monitoring of information systems including assessing information security risk through qualitative risk analysis on a regular basis, conducting functional and gap analyses to determine the extent to which key business areas and infrastructure comply with statutory and regulatory requirements, evaluating and recommending new information security technologies and counter-measures against threats to information or privacy, and developing security reports and dashboards
  • Ensure effective staff training programs are in place to increase security awareness across IRIS
  • Maintain and encourage open and honest business relationships within the team and throughout the credit union
  • Collaborate with your peers and stakeholders to add to the collective innovative thinking that can drive new business ideas for IRIS
  • Actively participate in community events as part of IRIS’ overall commitment to Corporate Social Responsibility
  • Communicate in a fashion that is respectful and well understood
  • Perform other duties as we may need you to do
  • Demonstrate an in-depth knowledge of Information Security risk and industry best practices.
  • ISO reports on the status of security measures to the president often. In addition, it is obliged to promptly implement the security measure instructions from the president with priority.
  • ISO has an obligation to keep the status of virus software and Windows update always up-to-date. For that purpose always conduct an audit and we have to give guidance to employees as necessary.
  • Be willing to work flexible hours including evenings and weekends as the job demands and travel as required

 

 

Required Skills

  • Active Directory operation and management
  • Virus software operation and management (ESET, Kaspersky, etc)
  • Network

Router setting( Even better if you have Cisco-made knowledge)

 Firewall setting

UTM setting

VPN setting

Construction of internal network environment(LAN,Wi-Fi,etc)

  • WSUS(Windows server update services) operation and management.
  • Construction, operation and management of mail server

If you have “Outlook” skills it is very good.

Operation and management using Spam filter

  • Operation and management of Internet filtering software

 

 

Desired

  • University degree/College diploma in the field of computer science and/or information security
  • 3+ years’ security related work experience, preferably with a financial institution, that you bring to the table
  • Possess problem solving and negotiation skills
  • Be quick to respond to requests for service from all of your clients
  • Being flexible and adaptable to changing priorities
  • Openly share your knowledge with the team