Manager - Information Security Investigations

Sacramento, CA, USA Req #5157
Friday, April 12, 2024

TITLE: MANAGER – INFORMATION SECURITY INVESTIGATIONS
STATUS: EXEMPT
REPORT TO: DIRECTOR – INFORMATION SECURITY
DEPARTMENT: IT – INFO SEC ENGINEERING
JOB CODE: 11628

PAY RANGE: $137,300.00 - $155,000.00 ANNUALLY

GENERAL DESCRIPTION:

The Manager - Information Security Investigations supports the signal evaluation, cyber incident response programs and data analysis requirements within Golden 1. This position is responsible for maintaining the confidentiality, integrity, and availability of all Credit Union data, as well as ensuring compliance with all privacy laws and best practices. This role will maintain, mature, and develop the areas of Privacy, Insider Threat, Threat Intelligence, Incident Response, Vulnerability Investigations, Red/Blue Team, and alert validation where applicable. The Manager manages the information security analysts core team and partners with all IT leaders in the area of signal creation, evaluation and response. This role will be in alignment with our incident response team and provide any data analysis to IT, business, risk, and privacy teams as required. The Manager, Information Security Investigations works with a wide variety of employees from different organizational units, collaborating to set up response workflows and data visualizations that reflect the security posture and proactive responses to current and future information security risks.

TASKS, DUTIES, FUNCTIONS:

  1. Manage the information security investigations and analysis team.
  2. Develop alert requirements and ensure these requirements have been captured, designed, built, and validated prior to deployment. Monitor ongoing compliance with these requirements through periodic testing with the engineering team.
  3. Recommend appropriate information security monitoring and alerting solutions that protect Golden 1’s business activities.
  4. Develop role-based training plans for analysts, and specialized roles for analysis that support a financial institution’s needs.
  5. Maintain a thorough understanding of state and federal laws and regulations related to credit union compliance including bank secrecy and anti-money laundering laws appropriate to the position.
  6. Foster a positive and engaging work environment for each team member by promoting skill development, coaching for improvement and growth, inspiring others through your words and actions, ensuring positive employee morale throughout Golden 1, and embracing our mission, vision, and core values.  
  7. Monitor Information Security threat intelligence channels and partner with the vulnerability engineering team to alert and, if discovered, perform incident triage, analysis, response, and remediation.
  8. Collaborate with Information Technology and other departments within Golden 1 to ensure information security risks in both ongoing and planned operations are properly considered and that all compliance matters are being adhered to as required.
  9. Execute the monitoring/testing program to support ongoing compliance with information security policies. Monitor management’s risk mitigation strategies; assess reasonableness of any residual risks.
  10. Manage and oversee a 24x7 Security Operations Center or Managed Security Service Provider (MSSP).
  11. Oversee actions taken against alerts, investigations, and reporting for systems, processes and procedures and evaluate them against GLBA, federal and state information protection and privacy regulations, and other relevant regulations.
  12. Keep Management updated of Information Security matters by developing action plans, budgets, schedules, and reports to improve Information Security at Golden 1.
  13. Work with outside consultants as appropriate for independent security audits.
  14. Monitor current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy to proactively keep Golden 1 fully compliant with these new requirements.
  15. Research emerging security investigation strategies for their application in Golden 1’s information security environments.
  16. Develop and maintain an understanding of the pertinent regulatory requirements and risks inherent to job responsibilities; establish and maintain control activities that mitigate those risks consistent with the Credit Union’s risk appetite; and ensure operational integrity and compliance with applicable regulations.
  17. Handle other duties as may be assigned.

PHYSICAL SKILLS, ABILITIES, AND EXERTION UTILIZED IN THE PERFORMANCE OF THESE TASKS:

  1. Effective oral and written communication skills required to assure the ongoing security and protection of Golden 1’s Information Technology and information assets.
  2. Must possess sufficient manual dexterity to skillfully operate an on-line computer terminal and other standard office equipment, such as financial calculators, personal computer, facsimile machine, and telephone. 

ORGANIZATIONAL CONTACTS & RELATIONSHIPS:

  1. INTERNAL: All levels of staff and management.
  2. EXTERNAL: Volunteers, external auditors, professional and community organizations, and law enforcement agencies.

QUALIFICATIONS:

  1. EDUCATION: Bachelor’s degree, preferably in a Management Information Systems, Information Security, Information Technology/Computer Sciences field, or equivalent job experience.
  2. EXPERIENCE: At least 7 years’ combined experience in Information Security Incident Response, Information Security Engineering, or Information Security Privacy and Risk and 3 years’ direct supervisory experience.
  3. KNOWLEDGE/SKILLS: Primary experience with implementing Information Security Frameworks (MITRE, NIST, etc.) into a Security Operations Center. Developing standard operating procedures (SOPs) and a combination of cyber runbooks or playbooks. Experience with report writing and presentations to leadership. Using tools such as Word, PowerPoint, Excel and Visio to provide business justifications. Experience developing Information Security specialty programs, such as Threat Intelligence, Threat Hunting, or Incident Response. Experience with information security technologies, markets, and vendors (firewall, intrusion detection, assessment tools, encryption, web/application security, etc.). In-depth knowledge of information security technology. Proficient in network security design and architecture, capacity planning, network performance monitoring, end-point protection, patch-management, vulnerability management, penetration testing, intrusion detection, risk management, mobile device management, wireless management, and data loss prevention. Be familiar and versed in concepts and best practices including, but not limited to, security frameworks and guidelines established by the Federal Financial Institutions Examination Council (FFIEC), National Institute of Standards and Technology (NIST), the International Information Systems Security Certification Consortium (ISC)², International Standards Organization (ISO), and the Control Objectives for Information Technology (COBIT) established by the Information Systems Audit and Control Association (ISACA).

PHYSICAL REQUIREMENTS:

    1. Prolonged sitting throughout the workday with occasional mobility required.
    2. Corrected vision within the normal range.
    3. Hearing within normal range.  A device to enhance hearing will be provided if needed.
    4. Occasional movements throughout the department daily to interact with staff, accomplish tasks, etc.
    5. Unusually long work hours may be required to accomplish tasks.

LICENSES/CERTIFICATIONS:

Information Security Certification preferred:

One or more of the following certifications preferred (similar relevant Cyber Security Certificates will be accepted): Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified Ethical Hacker (CEH). Pursuit of at least one of these professional certifications required if job experience waives the initial requirement.

 

THIS JOB DESCRIPTION IN NO WAY STATES OR IMPLIES THAT THESE ARE THE ONLY DUTIES TO BE PERFORMED BY THIS EMPLOYEE.   HE OR SHE WILL BE REQUIRED TO FOLLOW OTHER INSTRUCTIONS AND TO PERFORM OTHER DUTIES REQUESTED BY HIS OR HER SUPERVISOR THAT ARE WITHIN HIS / HER KNOWLEDGE, SKILL AND ABILITY AS WELL AS HIS / HER MENTAL AND PHYSICAL ABILITIES.

REV. 4/12/2024

Other details

  • Job Family: Manager
  • Job Function: Manager
  • Pay Type: Salary
  • Min Hiring Rate: $137,300.00
  • Max Hiring Rate: $155,000.00
  • Location: Sacramento, CA, USA