Senior IT Security Administrator
PeoplesBank · Holyoke, MA · 2 wk ago
Information TechnologyFull-time
Essential Duties And Responsibilities
- Recommend, plan, and implement security measures to protect bank systems, per direction of AVP – Security Officer and under the guidance of the Risk Oversight Group and the bank’s Information Security Risk Program.
- Oversight of day-to-day firewall, anti-malware, Microsoft Purview and Security Admin Centers, MFA, and secure email gateway monitoring and updating.
- Works with the bank’s associated vendors as needed.
- Updates and makes recommendations to computer security policies and procedures which relate to the internal and external integrity of the Banks systems.
- Produces and maintains documentation and standard operational procedures.
- Provides guidance, training, set-up, and implementation of the bank’s IT security systems.
- Fulfills best practice standards for IT security (e.g., NIST, FS-ISAC, etc.).
- Oversees patch management process.
- Works with the Security team, Network Administrators and Helpdesk to review and apply/coordinate applicable software patches and upgrades to bank systems.
- Documents applied security patches, including the criticality and patch purpose.
- Reviews and responds to security events, documents, and works with Risk Oversight Group to provide guidance on incident analysis, root cause analysis, and problem resolution.
- Works with AVP - Security Officer to review IT security issues and incidents.
- Reviews the Bank’s computer and network security. Fully documents and reviews any concerns to management.
- Works with Risk Oversight Group to review user access and permissions as needed.
- Manages security system logs and alerts via a SIEM and/or other tools; works with Risk Oversight Group, Security Team, and vendor to ensure logs and alerts have been investigated, cleared, and addressed appropriately.
- Works with Security team, Risk Oversight Group, and Network team in developing and updating business continuity and disaster recovery protocols.
- Aids Risk Oversight Group with IT security components of the bank’s disaster recovery testing and documentation.
- Collaborates with Security Team and Risk Oversight Group to identify and plan for data security initiatives and implementation of solutions on the Bank’s network and systems.
- Stays current on emerging threats and vulnerabilities, proactively safeguarding bank systems from potential attacks.
- Provides informed recommendations based on evolving industry trends and best practices.
Education And Experience
- Bachelor’s degree or equivalent combination of education and experience PLUS Four (4) to Eight (8) years of relevant experience
- Required a thorough knowledge of the security field
Skills Required
- Excellent customer service skills.
- Excellent verbal and written communication skills.
- Organized with attention to detail.
- Able to develop and understand technical documents.
- Strong critical thinking skills.
- Demonstrated problem-solving and analytical skills.
- Thorough understanding of computer-related security systems including firewalls, email gateways, encryption, and password protection and authentication.
- Strong working knowledge of Active Directory and group policy security schemes.
- Experience with application/system IT Security assessments including internal/external penetration testing.
- Thorough understanding of vulnerability and patch management.
- Proficient with a broad array of security software applications and tools.
- Working knowledge of hardening host’s and guest operating systems in a virtualized environment
- Working knowledge of Microsoft 365, Azure, and Purview.
Education And Experience
- Security+ or equivalent certification required
- Computer / Technical Skills
- Knowledge of Information System Security
- Firewalls
- Siem
- Secure Email Gateway
- Intrusion detection / protections
- Related vulnerability assessment tools