Corporate Information Security Engineer II
Company: Foothills Bank
Location: Missoula
Posted on: May 21, 2023
|
|
Job Description:
About The RoleRecommends appropriate security solutions,
security enhancements, and purchases. Monitors emerging products,
technologies, or best practices that will improve security for the
organization and its stakeholders. Stays up-to-date on the latest
threat intelligence, in order to anticipate and defend again new
security threats. Provides leadership and mentoring to other IT
staff members to promote high levels of security knowledge and
awareness. Provides senior level expertise in maintaining
enterprise firewalls, securing public cloud infrastructure,
intrusion detection/prevention, SIEM, and other security operations
systems. Analyzes, researches, and reports on attempted efforts to
compromise security controls. This includes reporting and
researching deviations from GBCI policy, standards, IT risk
management initiatives, and best practices. Performs or
participates in security audits, identifies security gaps, and
develops and implements risk mitigation solutions. The ability to
motivate or influence internal or external senior level
professionals is a critical part of the job, requiring a
significant level of influence and trust. Obtaining cooperation and
agreement on important outcomes via frequently complex, senior
level dialogues, as well as a professional level of written
communication skills are essential to the position. The ability to
analyze, report, and make recommendations on the security posture
of acquired financial institutions is also a critical part of the
job.This is a Corporate position which may be located at an
available bank division location across our eight state footprint
in AZ, CO, ID, MT, NV, UT, WA, or WY.The entry level for this
position is $92,705.86 / per year (calculated for Missoula, MT).All
compensation offers are analyzed individually and take into
consideration multiple factors including but not limited to
geographic location, years of experience, and educational
background.Duties and ResponsibilitiesDescription% of Time
Spent---Assists in the development and proposal of information
technology strategy and design solutions to provide a secure
environment with high levels of user adoption. Researches and
provides recommendations on areas of information security, privacy
technologies, and best practices. Provides a high level of
engineering, consulting, and expertise to various project teams,
including InfoSec peers, for enterprise architecture and security
strategy.30%---Researches and develops methods of moving from
simple Network Security Monitoring to Continuous Security
Monitoring approach. Develops monitoring and reporting capabilities
of the deployed SIEM. Assists in network and system investigations
in response to information security event notifications, and alerts
in accordance to the GBCI Incident Response Plan. Serves on Hunt
Team to actively look for evidence of post-exploitation activity
Completes network packet analysis review according to department
policies and procedures and develops methods to research and
resolve SIEM offenses in a timely manner.25%---Analyzes,
researches, and conducts short and medium-range planning for new
security hardware/software products. Responsible for proactively
advising IT management of information security risks and best
practices. Helps ensure Information Security portion of IT audits
and exams meet or exceed satisfactory ratings.25%---Participates in
the creation, and maintenance of the enterprise's IT security
awareness training program.10%---Assists management with the
creation and maintenance of security operations procedures, risk
assessments, and security policies in accordance to GBCI policies
and/or industry best practices. Creates and maintains security
architecture diagrams and system configuration
documentation.10%---Must comply with all company policies and
procedures and all applicable laws and regulations, including but
not limited to, the Bank Secrecy Act, the Patriot Act, and the
Office of Foreign Assets Control. Must complete the assigned online
training courses and achieve a passing score by due date. About
YouQualificationsTo perform this job successfully, an individual
must be able to perform each essential duty satisfactorily. The
requirements listed below are representative of the knowledge,
skill, and/or ability required. Reasonable accommodations may be
made to enable individuals with disabilities to perform the
essential functions.EducationRequired/PreferredEducation
LevelDescriptionRequiredBachelor's DegreeInformation Technology,
preferably in Information Assurance or Information
Security.ExperienceRequired/PreferredExperience
LevelDescriptionRequired5 yearsExperience in IT, specializing in
Information Security Operations.RequiredAdvanced
ExperienceOperation security technologies such as firewalls,
intrusion detection/prevention, SIEM, and other security
systems.RequiredAdvanced ExperienceNetwork packet analysis and
vulnerability analysis while creating an action plan to resolve
issues or incidents that are discovered.RequiredAdvanced
ExperienceSecuring public cloud services like Azure or
AWS.RequiredAdvanced / Specialized KnowledgeNetworking principles,
technologies and devices, Internet Protocols and address schemes,
the ISO-OSI architectureRequiredKnowledge OfCommon information
security management frameworks such as ISO 27001, ITIL, COBIT,
NIST, and CSIS 20 Critical Security Controls.RequiredKnowledge
OfOperating systems such as Microsoft Windows, Active Director, and
Linux.Would an equivalent combination of relevant education and
work experience be considered?:
YesLicense/CertificationRequired/PreferredLicense/CertificationDescriptionRequired
within 3 months of hireMultiple CertificationsA combination of
multiples IT Security certifications that demonstrate a high level
of technical and managerial IT security skills, one of which would
be considered as "Advanced". Examples include: CISM, GIAC, CEH,
CCNP, CSX-P, Network+, Security+, CASP+, and CISSP.Required Skills
and Abilities---Employee must be trustworthy and possess a
significant level of credibility, discretion, and
diplomacy.---Employee must be capable of interacting calmly and
professionally with a variety of people from diverse backgrounds at
various levels within and outside of the organization.---Employee
must be a team player with a passion for customer service and a
proven ability to build rapport and work effectively with employees
at all levels of the organization.---Employee must be a
self-starter with ability to take ownership and accountability of
all roles and responsibilities with minimal supervision.---Ability
to communicate effectively, verbally and in writing. Ability to
understand and follow complex written and oral
instructions.---Ability to assess, research and deploy new security
technologies and secure frameworks into existing enterprise
security controls.---Ability to serve as cybersecurity subject
matter expert on project teams.---Able to translate security
policies and procedures into technical architectures.---Ability to
serve as a backup for other staff members in a mutually supportive
team work environment.---Employee must be capable of regular,
reliable, and timely attendance.Additional RequirementsTravelUp to
15% travel required: (e.g. 3.5 days/month) by automobile (as driver
and passenger), commercial airlines, rental vehicles and public
transportation and be able to lodge in public facilities. Travel
will be necessary to conduct the duties of this job, and the
employee must have the ability to drive and have proper
licensing.Working ConditionsEnvironment:Indoors, a
climate-controlled shared work area.Noise Level:Minimal
noise.Lifting:Medium work: Exerting up to 50 pounds of force
occasionally, and/or up to 25 pounds of force frequently, and/or up
to 10 pounds of force constantly to move objects.VisionClose visual
acuity to prepare and analyze data and figures, view a computer
terminal, and read the computer screen, printed materials, and
handwritten materials.Physical ActivitiesFrequencyBalancing:
Maintaining body equilibrium to prevent falling and walking,
standing or crouching on narrow, slippery, or erratically moving
surfaces.Infrequent - rare.Climbing: Ascending or descending
ladders, stairs, scaffolding, ramps, poles and the like, using feet
and legs and/or hands and arms.Infrequent - rare.Crawling: Moving
about on hands and knees or hands and feet.Infrequent -
rare.Crouching: Bending the body downward and forward by bending
leg and spine.Infrequent - rare.Feeling: Perceiving attributes of
objects such as size and shape, temperature or texture by touching
with skin, particularly that of the fingertips.Infrequent -
rare.Fingering: Picking, pinching, typing or otherwise working
primarily with fingers rather than with the whole hand as in
handling.Daily.Grasping: Applying pressure to an object with the
fingers and palm.Occasional - now and then.Kneeling: Bending legs
at knee to come to a rest on knee or knees.Occasional - now and
then.Lifting: Raising objects from a lower to a higher position or
moving objects horizontally from position to position.Occasional -
now and then.Pushing: Using upper extremities to press against
something with steady force in order to thrust forward, downward or
outward.Infrequent - rare.Pulling: Using upper extremities to exert
force in order to draw, haul or tug objects in a sustained
motion.Occasional - now and then.Repetitive Motion: Making
substantial movements (motions) of the wrists, hands, and/or
fingers.Daily.Stooping: Bending body downward and forward by
bending spine at the waist.Infrequent - rare. What We
OfferCOMPENSATION & BENEFITS:Starting salary is dependent upon
relevant experience and may vary based on the geographic location
of the position. We offer an extensive benefits package that
includes, but is not limited to medical, dental, vision, and life
insurance, a health savings account option, an Employee Assistance
Program (EAP), a health rewards program, a 401(k) retirement
savings plan, discounts on banking products and services, and paid
sick, holiday, and vacation time.Visit our website for more
details!COMPANY OVERVIEW: We are a family of banks whose unique
local presence reflects the communities we serve. We welcome the
opportunity to grow and change as our customers and communities do
the same. Read our story, learn about our banks, and experience
life at Glacier Bancorp, Inc. all from our website. Check it out!
We are an Equal Opportunity Employer and qualified applicants or
employees will receive consideration for employment without regard
to race, color, religion, national origin, sex (including
pregnancy), sexual orientation, gender identity, mental or physical
disability, genetic information, protected veteran status, or any
other category protected by applicable federal, state or local
laws.Glacier Bancorp, Inc. does not sponsor applicants for work
visas. All applicants must be legally authorized to work in the
US.No Recruiters or unsolicited agency referrals please.
Keywords: Foothills Bank, Missoula , Corporate Information Security Engineer II, Engineering , Missoula, Montana
Click
here to apply!
|