Coordinate the formulation and definition of scope and objectives through research; fact-finding; and knowledge of business processes, technology, and industry requirements for information security. Lead the impetus and requirements for the information security design and operational specifications. Ensures that processes and information technology are aligned in order to make certain that there is system integrity. Coach and mentor less-experienced staff.
DUTIES AND RESPONSIBILITES
- Lead the work with application business and IT owners to define and adjust application and data security guidelines and standards.
- Coordinate the application development, infrastructure, and business units to implement security policies.
- Perform security audits, risk assessments, and analysis. Make recommendations for enhancing systems security.
- Analyze corporate environment to identify potential intrusion points, leaks, and breaches. Research attempted breaches in security and rectify security weaknesses.
- Develop information security technical specifications as well as prepare test objectives in order to validate processes and system development and operations.
- Provide additional information security assistance as required.
ESSENTIAL FUNCTIONS
- Lead the assessment of business units’ application and data security and authorization needs.
- Coordinate the application development and infrastructure to implement security guidelines and standards.
- Perform security audits, risk assessments, and analysis.
- Make recommendations for enhancing systems security.
- Investigate attempted breaches of security and identify security weaknesses.
- Lead the formulation of security guidelines and procedures.
- Coordinate security incident response activities.
Required Skills
- Knowledge of SDLC methodologies.
- Knowledge of ITIL and ITSM methodologies.
- Strong knowledge of Security Incident and Event Monitoring and management (SIEM).
- Strong knowledge of relevant government regulations and current information security trends.
- Strong knowledge of MS Office tools.
- Strong knowledge of perimeter security methodologies.
- Knowledge of physical and logical security standards.
- Skill in implementing and administering vulnerability scanning tools.
- Strong risk-assessment and measurement skills.
- Strategic thinking, planning, solution assessment, and validation skills.
- Strong collaboration, partnering, and teamwork skills.
- Strong communication, problem-solving, and systemic thinking skills.
- Ability to adapt.
- Ability to learn CMIC IT systems; methodologies and processes; and policies, products, etc., associated with the business.
- Ability to coach and mentor less-experienced staff.
Required Experience
- Six plus years’ experience in an Information Security Analyst role with working knowledge of information systems, business operations, requirements analysis, and integration/design solutions.
- Financial services industry experience preferred.
EDUCATION
- Bachelor’s degree in related field (e.g., business, finance, or technical) or equivalent experience required.
- CISA, CISM, GSEC, CISSP, or other relevant GIAC certifications preferred.
Church Mutual is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.