Corporate Information Security Engineer II

Company: Foothills Bank
Location: Missoula
Posted on: May 21, 2023

Job Description:

About The RoleRecommends appropriate security solutions, security enhancements, and purchases. Monitors emerging products, technologies, or best practices that will improve security for the organization and its stakeholders. Stays up-to-date on the latest threat intelligence, in order to anticipate and defend again new security threats. Provides leadership and mentoring to other IT staff members to promote high levels of security knowledge and awareness. Provides senior level expertise in maintaining enterprise firewalls, securing public cloud infrastructure, intrusion detection/prevention, SIEM, and other security operations systems. Analyzes, researches, and reports on attempted efforts to compromise security controls. This includes reporting and researching deviations from GBCI policy, standards, IT risk management initiatives, and best practices. Performs or participates in security audits, identifies security gaps, and develops and implements risk mitigation solutions. The ability to motivate or influence internal or external senior level professionals is a critical part of the job, requiring a significant level of influence and trust. Obtaining cooperation and agreement on important outcomes via frequently complex, senior level dialogues, as well as a professional level of written communication skills are essential to the position. The ability to analyze, report, and make recommendations on the security posture of acquired financial institutions is also a critical part of the job.This is a Corporate position which may be located at an available bank division location across our eight state footprint in AZ, CO, ID, MT, NV, UT, WA, or WY.The entry level for this position is $92,705.86 / per year (calculated for Missoula, MT).All compensation offers are analyzed individually and take into consideration multiple factors including but not limited to geographic location, years of experience, and educational background.Duties and ResponsibilitiesDescription% of Time Spent---Assists in the development and proposal of information technology strategy and design solutions to provide a secure environment with high levels of user adoption. Researches and provides recommendations on areas of information security, privacy technologies, and best practices. Provides a high level of engineering, consulting, and expertise to various project teams, including InfoSec peers, for enterprise architecture and security strategy.30%---Researches and develops methods of moving from simple Network Security Monitoring to Continuous Security Monitoring approach. Develops monitoring and reporting capabilities of the deployed SIEM. Assists in network and system investigations in response to information security event notifications, and alerts in accordance to the GBCI Incident Response Plan. Serves on Hunt Team to actively look for evidence of post-exploitation activity Completes network packet analysis review according to department policies and procedures and develops methods to research and resolve SIEM offenses in a timely manner.25%---Analyzes, researches, and conducts short and medium-range planning for new security hardware/software products. Responsible for proactively advising IT management of information security risks and best practices. Helps ensure Information Security portion of IT audits and exams meet or exceed satisfactory ratings.25%---Participates in the creation, and maintenance of the enterprise's IT security awareness training program.10%---Assists management with the creation and maintenance of security operations procedures, risk assessments, and security policies in accordance to GBCI policies and/or industry best practices. Creates and maintains security architecture diagrams and system configuration documentation.10%---Must comply with all company policies and procedures and all applicable laws and regulations, including but not limited to, the Bank Secrecy Act, the Patriot Act, and the Office of Foreign Assets Control. Must complete the assigned online training courses and achieve a passing score by due date. About YouQualificationsTo perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.EducationRequired/PreferredEducation LevelDescriptionRequiredBachelor's DegreeInformation Technology, preferably in Information Assurance or Information Security.ExperienceRequired/PreferredExperience LevelDescriptionRequired5 yearsExperience in IT, specializing in Information Security Operations.RequiredAdvanced ExperienceOperation security technologies such as firewalls, intrusion detection/prevention, SIEM, and other security systems.RequiredAdvanced ExperienceNetwork packet analysis and vulnerability analysis while creating an action plan to resolve issues or incidents that are discovered.RequiredAdvanced ExperienceSecuring public cloud services like Azure or AWS.RequiredAdvanced / Specialized KnowledgeNetworking principles, technologies and devices, Internet Protocols and address schemes, the ISO-OSI architectureRequiredKnowledge OfCommon information security management frameworks such as ISO 27001, ITIL, COBIT, NIST, and CSIS 20 Critical Security Controls.RequiredKnowledge OfOperating systems such as Microsoft Windows, Active Director, and Linux.Would an equivalent combination of relevant education and work experience be considered?: YesLicense/CertificationRequired/PreferredLicense/CertificationDescriptionRequired within 3 months of hireMultiple CertificationsA combination of multiples IT Security certifications that demonstrate a high level of technical and managerial IT security skills, one of which would be considered as "Advanced". Examples include: CISM, GIAC, CEH, CCNP, CSX-P, Network+, Security+, CASP+, and CISSP.Required Skills and Abilities---Employee must be trustworthy and possess a significant level of credibility, discretion, and diplomacy.---Employee must be capable of interacting calmly and professionally with a variety of people from diverse backgrounds at various levels within and outside of the organization.---Employee must be a team player with a passion for customer service and a proven ability to build rapport and work effectively with employees at all levels of the organization.---Employee must be a self-starter with ability to take ownership and accountability of all roles and responsibilities with minimal supervision.---Ability to communicate effectively, verbally and in writing. Ability to understand and follow complex written and oral instructions.---Ability to assess, research and deploy new security technologies and secure frameworks into existing enterprise security controls.---Ability to serve as cybersecurity subject matter expert on project teams.---Able to translate security policies and procedures into technical architectures.---Ability to serve as a backup for other staff members in a mutually supportive team work environment.---Employee must be capable of regular, reliable, and timely attendance.Additional RequirementsTravelUp to 15% travel required: (e.g. 3.5 days/month) by automobile (as driver and passenger), commercial airlines, rental vehicles and public transportation and be able to lodge in public facilities. Travel will be necessary to conduct the duties of this job, and the employee must have the ability to drive and have proper licensing.Working ConditionsEnvironment:Indoors, a climate-controlled shared work area.Noise Level:Minimal noise.Lifting:Medium work: Exerting up to 50 pounds of force occasionally, and/or up to 25 pounds of force frequently, and/or up to 10 pounds of force constantly to move objects.VisionClose visual acuity to prepare and analyze data and figures, view a computer terminal, and read the computer screen, printed materials, and handwritten materials.Physical ActivitiesFrequencyBalancing: Maintaining body equilibrium to prevent falling and walking, standing or crouching on narrow, slippery, or erratically moving surfaces.Infrequent - rare.Climbing: Ascending or descending ladders, stairs, scaffolding, ramps, poles and the like, using feet and legs and/or hands and arms.Infrequent - rare.Crawling: Moving about on hands and knees or hands and feet.Infrequent - rare.Crouching: Bending the body downward and forward by bending leg and spine.Infrequent - rare.Feeling: Perceiving attributes of objects such as size and shape, temperature or texture by touching with skin, particularly that of the fingertips.Infrequent - rare.Fingering: Picking, pinching, typing or otherwise working primarily with fingers rather than with the whole hand as in handling.Daily.Grasping: Applying pressure to an object with the fingers and palm.Occasional - now and then.Kneeling: Bending legs at knee to come to a rest on knee or knees.Occasional - now and then.Lifting: Raising objects from a lower to a higher position or moving objects horizontally from position to position.Occasional - now and then.Pushing: Using upper extremities to press against something with steady force in order to thrust forward, downward or outward.Infrequent - rare.Pulling: Using upper extremities to exert force in order to draw, haul or tug objects in a sustained motion.Occasional - now and then.Repetitive Motion: Making substantial movements (motions) of the wrists, hands, and/or fingers.Daily.Stooping: Bending body downward and forward by bending spine at the waist.Infrequent - rare. What We OfferCOMPENSATION & BENEFITS:Starting salary is dependent upon relevant experience and may vary based on the geographic location of the position. We offer an extensive benefits package that includes, but is not limited to medical, dental, vision, and life insurance, a health savings account option, an Employee Assistance Program (EAP), a health rewards program, a 401(k) retirement savings plan, discounts on banking products and services, and paid sick, holiday, and vacation time.Visit our website for more details!COMPANY OVERVIEW: We are a family of banks whose unique local presence reflects the communities we serve. We welcome the opportunity to grow and change as our customers and communities do the same. Read our story, learn about our banks, and experience life at Glacier Bancorp, Inc. all from our website. Check it out! We are an Equal Opportunity Employer and qualified applicants or employees will receive consideration for employment without regard to race, color, religion, national origin, sex (including pregnancy), sexual orientation, gender identity, mental or physical disability, genetic information, protected veteran status, or any other category protected by applicable federal, state or local laws.Glacier Bancorp, Inc. does not sponsor applicants for work visas. All applicants must be legally authorized to work in the US.No Recruiters or unsolicited agency referrals please.

Keywords: Foothills Bank, Missoula , Corporate Information Security Engineer II, Engineering , Missoula, Montana