Division: Information Services
The Information Security Officer (ISO) is accountable for ensuring appropriate controls are in place for the security of information assets. The ISO safeguards information by seeing that security risks are identified, assessed and accurately reported. Additionally, the ISO is charged with ensuring local procedures and activities comply with all regulatory requirements and internal policies, procedures, guidelines and standards. The ISO is the center of competence for Information Security providing an advisory services role and acting as the focal point for security compliance related activities and responsibilities.
In the role, you will…
- Diligently maintain IRIS’ Information Security Framework and underlying policies, procedures, standards and guidelines
- Take the lead on developing, maintaining and updating the Information Security Strategy and Information Security Program
- Actively ensure appropriate administrative, physical and technical safeguards are in place to protect IRIS’ information assets from internal and external threats
- Meticulously identify, introduce and implement appropriate procedures, including checks and balances, are in place to test these safeguards on a regular basis
- Thoroughly conduct and complete annual reviews and audits as required engaging both internal business partners across the organization and external resources
- Make it a priority to see that disaster recovery and emergency operating procedures are in place and tested on a regular basis
- Act as the committed owner of the security incident and vulnerability management processes from design to implementation and beyond
- Passionately manage and assist in performing on-going security monitoring of information systems including assessing information security risk through qualitative risk analysis on a regular basis, conducting functional and gap analyses to determine the extent to which key business areas and infrastructure comply with statutory and regulatory requirements, evaluating and recommending new information security technologies and counter-measures against threats to information or privacy, and developing security reports and dashboards
- Ensure effective staff training programs are in place to increase security awareness across IRIS
- Maintain and encourage open and honest business relationships within the team and throughout the credit union
- Collaborate with your peers and stakeholders to add to the collective innovative thinking that can drive new business ideas for IRIS
- Actively participate in community events as part of IRIS’ overall commitment to Corporate Social Responsibility
- Communicate in a fashion that is respectful and well understood
- Perform other duties as we may need you to do
- Demonstrate an in-depth knowledge of Information Security risk and industry best practices.
- ISO reports on the status of security measures to the president often. In addition, it is obliged to promptly implement the security measure instructions from the president with priority.
- ISO has an obligation to keep the status of virus software and Windows update always up-to-date. For that purpose always conduct an audit and we have to give guidance to employees as necessary.
- Be willing to work flexible hours including evenings and weekends as the job demands and travel as required
- Active Directory operation and management
- Virus software operation and management (ESET, Kaspersky, etc)
Router setting( Even better if you have Cisco-made knowledge)
Construction of internal network environment(LAN,Wi-Fi,etc)
- WSUS(Windows server update services) operation and management.
- Construction, operation and management of mail server
If you have “Outlook” skills it is very good.
Operation and management using Spam filter
- Operation and management of Internet filtering software
- University degree/College diploma in the field of computer science and/or information security
- 3+ years’ security related work experience, preferably with a financial institution, that you bring to the table
- Possess problem solving and negotiation skills
- Be quick to respond to requests for service from all of your clients
- Being flexible and adaptable to changing priorities
- Openly share your knowledge with the team