Information Security Engineer I

Company: BayPort Credit Union
Location: Newport News
Posted on: March 17, 2023

Job Description:

POSITION SUMMARY:

This position is responsible to the Information Security Officer for supporting functions of the credit union's Information Security Program. Under the direction of the ISO, this position is an expert of vendor management systems, reports, processes, regulations and documentation. Additionally this position maintains components of security awareness training and performs application audits.

ESSENTIAL FUNCTIONS:

• Develop expertise of BayPort's vendor management program
• Track all vendors used by the credit union using designated applications and network storage locations
• Identify and obtain missing compliance documentation for vendors, including contracts, agreements, security reports, financials, etc.
• Configure vendor ongoing monitoring oversight tasks in designated application for scheduling and reporting
• Produce various vendor management reports for self, management, and executives to review and analyze
• Understand and relay information regarding third-party risks ADDITIONAL RESPONSIBILITIES:
  • Establish strong relationships with managers and employees in business units that use applications and services
  • Assists with onboarding new vendors and perform some of the vetting tasks
  • Engage and mentor business unit owners to manage their vendor ongoing monitoring responsibilities
  • Review and edit vendor management and information security related guidelines, procedures, standards and supporting documentation
  • Work with third-party vendors to review and resolve issues
  • Identify and analyze access and permissions to applications to align with employee positions and roles (least privilege principle)
  • Research and configure security awareness training materials
  • Post security awareness communications to company intranet
  • Assist in maintenance of security awareness poster rotation program; includes research, selection, creation, distribution, and tracking
  • Track security awareness training results and participation levels
  • Work with employees as tasks related to delivery of security awareness training and education
  • Learn appropriate software applications used and supported by the organization
  • Exhibit willingness to learn new methods and participate in training
  • Exhibit willingness to share knowledge with others. QUALIFICATIONS:
    
    Position Requirements
    
    Knowledge:
    • Practical knowledge of information security principles, concepts and techniques
    • Working knowledge of technology
    • Excellent understanding of the organization's goals and objectives Education:
      • Education equivalent to a Bachelor's degree or experience in the field or related area. Certifications:
        • Certification related to Vendor Management, Risk Management, Information Security or Technology (preferred)
          
          • Compliance Education Institute, ISACA, CompTIA, Microsoft, ISC2, etc. Preferred Knowledge & Experience
            • Information security or technology equivalent work experience: 5-10 years
            • Financial institution experience: 5+ years
              
              • Or vendor management experience in a regulated industry
              • Microsoft Office applications
              • Excellent analytical and problem-solving abilities
              • Ability to effectively prioritize and execute tasks
              • Display use of logic and efficiency
              • Proven experience with vendor management and information security principles and methodologies
                
                We are proud to be an EEO/AA employer M/F/D/V. We maintain a drug-free workplace and reserve the right to perform pre-employment substance abuse testing.

Keywords: BayPort Credit Union, Newport News , Information Security Engineer I, Engineering , Newport News, Virginia