POSITION SUMMARY

The Security Administrator is responsible for the installation, configuration, and support of Y-12 FCU security related systems as well as the configuration and support of all systems related security controls for Y-12 FCU servers, networks, and infrastructure. Responsible for vulnerability and risks management of all Y-12 FCU systems. Manage, monitor, and respond to any security attacks and intrusions. The Security Administrator is responsible for threat identification and mitigations by closing off the security vulnerabilities identified by vulnerability scan, threat research, security audits, and other methods.

Reports to: VP, Infrastructure

Supervises: 0 (Direct) 0 (Indirect)

ESSENTIAL FUNCTIONS

• The Security Administrator should suggest security improvement measures and industry best practices. They must design various strategies and defensive systems against intruders. The Security Administrator monitors internal and external systems for any unusual activities. They conduct counteractive protocols and report incidents. They will examine and evaluate security strategies and defenses. They will also help setup and grant permissions and privileges to authorized users.
• Develop and define new security layers and update the security systems documentation. The Security Administrator must maintain IT security controls documentation. Recognize the security gaps and prepare an action plan, also suggest recommendation, create security policies, and ensure they are implemented with support and mitigation during implementation. The Security Administrator monitors emerging threats through the IDS/IPS systems. They create awareness about security policy and security issues. 
• Take care of the cyber security projects and work with external vendors to meet Y-12 FCU cyber security objectives. Will work in close coordination with IT and credit union stakeholders on Cyber Security related matters. Recognize cyber security issues, devise, and drive effective mitigation.
• Provide cyber security incident response. The specialist detects comprisable patterns, insecure features, and malicious activities in the infrastructure. They will have an in-depth understanding of OWASP and its related risks.
• Track vulnerabilities and collaborate with internal network teams to ensure closure of vulnerabilities. They must be well-versed with various security tools such as Burp Suite, Nmap, Nessus, Qualys, Rapid 7 Insight, etc.
• The Security Administrator takes care of the day-to-day operations and data structures by overseeing the operational systems performance. They configure security systems and consoles. Must have an in-depth understanding of vulnerabilities management systems and common security applications. They conduct software upgrades and explains performance criteria, documents configurations, and systems specifications.
• Conduct threat and risk analysis and provide essential suggestions. Help in performing research, testing, evaluation, and deployment of security procedures. Aid in designing security training materials and organizing training sessions for the other departments.
• The Security Administrator must design secure principles and optimize new technology services. Also offer technical support in areas of the cross-discipline team. They assist in research and development projects. They write procedures for the delivery of cybersecurity product and services.
• Perform other job-related duties as assigned.

EDUCATION/ EXPERIENCE

• 2 yr degree in Cyber Security, Computer Science, or Information Technology or equivalent experience.
• At least five years of experience in windows and network system support and management
• Certifications in the security field are desirable (CISSP, Security , Cloud , …)

OTHER SKILLS AND ABILITIES

• Knowledge of current security risks, best practices, controls, and protocols
• Good analytic and problem-solving skills
• Ability to troubleshoot configuration problems or system issues.
• Working knowledge of Active Directory.
• Working knowledge of Network Infrastructure. (Routing and Switching)
• Working knowledge of scripting and automation.
• Working knowledge of VmWare or other virtualization technology.
• Ability to work independently with some guidance from manager.
• Must be self-motivated with strong communication skills.
• Willingness to work on-call as needed to respond to emergency issues

PERFORMANCE MEASUREMENTS:

• Using IT ticketing system to support the organization and developing documentation and knowledge base articles to aid front line IT support team.
• Identifying reoccurring problems or errors and working with IT staff to develop resolutions.
• Accurate up-to-date records (e.g. device configuration and user accounts) are maintained to ensure system integrity.

SERVICE STANDARDS: 

• Own the Issue

o Build confidence that you will help through your words and actions. 

o Minimize the team/member’s effort. 

• Personalize the Experience

o Show that you care about the person and the issue. 

o Adapt to the team/member’s pace, style, and emotional tone. 

• Be Authentic

o Be genuine. 

o Be present in the conversation to avoid sounding mechanical. 

• Understand, then Solve

o Aim for one-call resolution. 

o Address the underlying issue vs. just the request. 

o Be crystal clear on next steps. 

• Be Curious to Exceed Expectations

o Pick up on cues and clues indicating other needs. 

o Engage in conversation to discuss broader needs. 

o Help the member access additional resources, products, and services to gain more value.

 PHYSICAL DEMANDS:

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is regularly required to talk, hear, and sit. This position requires standing, walking, bending, kneeling, stooping, crouching. The employee may occasionally lift and/or move items over 15 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception and ability to adjust focus.

WORK ENVIRONMENT:

Typical office – no hazardous or unpleasant conditions.

We are an EEO Employer

All descriptions have been reviewed to ensure that only essential functions and basic duties have been included.Peripheral tasks, only incidentally related to each position, have been excluded.Requirements, skills, and abilities included have been determined to be the minimal standards required to successfully perform the positions.In no instance, however, should the duties, responsibilities, and requirements delineated be interpreted as all-inclusive.Supervisors as deemed appropriate may assign additional functions and requirements.

In accordance with the Americans with Disabilities Act, it is possible that requirements may be modified to reasonably accommodate disabled individuals.However, no accommodations will be made which may pose serious health or safety risks to the employee or others or which impose undue hardships on the organization.

Job descriptions are not intended and do not create employment contracts. The organization maintains its status as an at-will employer. Employees can be terminated for any reason not prohibited by law.