Please reference the schedule and minimum qualifications listed below before applying. If you need assistance with filling out our application form or during any phase of the application, interview, or employment process, please notify our Human Resources Team at option 1 or email and every reasonable effort will be made to accommodate your needs in a timely manner.
Job Summary Responsible for deploying and supporting automated security assessment systems and ensures information security compliance.
Job Description LOCATION Mountain America Center - Hybrid:
9800 S Monroe St
Sandy, UT 84070
SCHEDULE Full Time
To be effective, an individual must be able to perform each job duty successfully.
- Maintains and updates an IT network security architecture to meet a strong information security posture, data security requirements, business objectives, and regulatory requirements
- Designs security for complex clusters of networked computers (Physical Servers, VM's to cluster ratios, SAN usage, Networking Equipment)
- Works in conjunction with additional security engineers on system infrastructure and security
- Assists in designing a secure and highly scalable and redundant network to support the future growth
- Engineers and administers technical solutions in accordance with security policies and procedures; knowledge of Information Security standards, best practices, methodologies and process associated with the information risk management industry
- Understands encryption at rest and in transit including SSL certificates
- Assists in the implementation and review of Active Directory, GPOs, DNS, DHCP, SQL, and Email
- Assists in the design evaluations of current and potential server and storage systems
- Researches, tests and deploys additional security processes and products
- Assess potential items of risk and opportunities of vulnerability in the enterprise including periodic security audits
- Reviews code for security vulnerabilities (OWASP Top 10) and maintain PCI Compliance
- Works closely with development teams on secure coding practices
- Reviews the security of new and implemented applications
- Assists in the design, implementation, and review of Data Loss Protection and Information Rights Management
- Updates job knowledge by participation in educational opportunities, reading professional publications, maintaining personal networks and participation in professional organizations
- Interfaces periodically with third parties to coordinate independent risks assessments, vulnerability and penetration testing
- Automates vulnerability scanners and monitoring controls processes to provide better metrics
- Performs other duties as assigned
KNOWLEDGE, SKILLS, and ABILITIES The requirements listed are representative of the knowledge, skills, and/or abilities required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential job functions.
Experience - Five years minimum experience in Information Technology
- Five to eight years of similar or related experience in Information Security
- In-depth understanding of large-scale networks. Credit Union or Banking experience is a plus.
- Exceptional experience and very detailed technical knowledge in at least two of the following areas: security engineering, web vulnerability system and network security, authentication and security protocols, applied cryptography, security vulnerabilities and remediation techniques (e.g. penetration testing)
- Strong scripting skills (e.g., Perl, Python, Ruby, Shell script, JavaScript, PowerShell)
Education Four-year college degree or equivalent experience and certifications (CISSP, CISA, GIAC, or CEH)
Licenses, Certificates, Registrations Certifications from recognized Security Body - CISSP, CEH, CISA/CISM, GIAC, or CCNP/CCNA with a strong security background; CISSP preferred
Computer/Office Equipment Skills Advanced skills in Microsoft Office including Outlook, Word, PowerPoint, and Excel
Managerial Responsibility Has no supervisory/managerial responsibilities
Other Skills and Abilities Ability to prioritize, organize and effectively communicate verbally as well as written; penetration testing experience, data and network security architecture experience, PCI, application layer security testing, secure coding experience, kali, and other security tools. Strong understanding of secure networking principles for operating systems security, cloud security, and virtualization.
PHYSICAL ABILITIES / WORKING CONDITIONS Physical Demands Ability to sit, talk, and hear consistently
Ability to use hands to handle or reach frequently
Vision Requirements Closer vision (clear vision at 20 inches or less)
Distant vision (clear vision at 20 feet or more)
Color vision (ability to identify and distinguish colors)
Ability to adjust focus (ability to adjust the eye to bring an object into sharp focus)
Weight Lifted or Force Exerted Ability to lift up to 10 pounds consistently
Ability to lift up to 50 pounds occasionally
Environmental Must be able to endure cold non-weather conditions occasionally, and risk of electrical shock consistently
Noise Environment Moderate noise (business office with computers and printers, light traffic)
This Job is not eligible to be performed in Colorado or Connecticut, either remotely or in-person.
Mountain America Credit Union is an EEO/AA/ADA/Veterans employer.