Job Description
OVERALL PURPOSE:Under the guidance of the manager, this position is responsible for, monitoring, managing and maintaining the companys network security infrastructure; monitoring, analyzing, and responding to network security alerts; identification and analysis of problems; and driving the investigation of solutions, new approaches and techniques for implementation. If applicable or appropriate, ensures business units compliance with applicable laws, regulations, regulatory requirements and Bank policies and procedures, including but not limited to those related to Anti-Money Laundering laws and regulations, Bank Secrecy Act and USA PATRIOT Act. In addition, this position is responsible for demonstrating the Excellence in Sales/Service (ESS) philosophy by participating in and practicing ESS disciplines and behaviors.
Information Security Systems Analysis and Administration
Demonstrates a thorough understanding of internal and external corporate security policies and procedures.
Provides input and assists in developing security policies and procedures; acts as consultant by providing input and guidance regarding security policy to technical staff and end users.
Performs network security event alert monitoring analysis, remediation, and resolution.
Provides system administration, maintenance, analysis, and response support for other systems as assigned.
Acts as information security subject matter expert and consultant to IMSG and business units regarding risks associated with projects and internal initiatives.
Drives systems and/or process analysis and design to meet functional and organizational requirements, individually and/or through assigned staff.
Provides input and recommends alternatives while costing, estimating, or validating solutions, individually and/or through assigned staff.
Incorporates Bank of Hawaii Information security policies and procedures into all system designs.
Incorporates the reuse of existing components within designs where feasible and efficient.
Ensures that systems designs align with Bank of Hawaiis business and technical strategies.
Drives continuous review to ensure that systems meet changing business and regulatory conditions.
Manages full systems life cycles which include hardware or software replacement and redesign.
Leadership
Leads and participates in team events and projects.
Works with all levels of staff and management to address concerns and resolve issues.
Coordinates and communicates status on issues, projects and other business activities to management and business partners as appropriate.
Challenges the status quo and shares information.
Provides feedback to others; addresses people issues quickly and directly.
Drives assigned tasks through to completion.
Provides technical leadership, assistance, and review of work for junior and peer staff members and vendors.
Provides appropriate staff mentoring and coaching to foster a strong team atmosphere.
Provides input for performance management and development opportunities for junior staff.
Responsible for their own learning; stays abreast of current information security vulnerabilities, issues, and trends.
Educates IMSG and business leaders on the direction of information security trends and emerging issues and defenses.
Takes the initiative to become educated and knowledgeable on topics that pertain to general information technology and the banking industry.
Ensures cross training between team members to maintain effective back up.
Educates the IT organization on the direction of the business, emerging technologies and their cost/benefit.
Investigates and facilitates the development of new approaches and techniques for possible implementation individually or through staff.
Works closely with management to ensure that all systems are in line with the IMSG technology strategy and information security requirements.
Looks for alternative solutions to improve information security posture and operating efficiency.
Accountable for developing and communicating career goals to management.
Develops plan for achieving established career objectives.
May assist with the leadership of a team or section including staffing, scheduling, performance management and development.
Production Maintenance
Provides support of the production environment; logs and tracks problems, responds to questions and support requests and ensures the production environment meets the service levels established with business units.
Drives analysis of problems, ensures corrective actions through resolution takes steps to improve production support, implements preventative measures and ensures status updates are provided to those impacted in support of the IMSG Service Level Agreement.
Initiates and facilitates meetings with Business Units and technical staff to address issues as required.
Drives outstanding problems to resolution and ensures priorities and deadlines are met.
Performs regular follow-up according to procedures, and confirms resolution with user prior to closing the problem reports.
Confirms impact of user problems are communicated via the various communication channels.
Maintains knowledge of products and services supported as assigned.
Develops and improves monitoring capabilities.
Initiates communication with vendor or escalates with appropriate vendor management for problem resolution.
Implements program/system updates and enhancements in accordance with corporate policies and Information Management and Systems Group (IMSG) standards.
Manages application system updates to current revision levels and ensures that processes are in place such that similar updates are applied to the underlying infrastructure and associated interfaces.
Drives other technical teams to identify, research, and resolve IT security problems with application systems, their associated interfaces, and underlying infrastructure.
Maintains documentation of IT security procedures, system configuration standards, maintenance and upgrades.
Follows risk management guidelines and procedures.
Ensures compliance with applicable BOH policies.
Business Partnership
Improves positive business relationships with business units and partners.
Ensures technical staff is working with business users to identify and analyze their needs and define business requirements of new or existing systems.
Ensure technical staff and business partners work towards alternatives and solutions to meet agreed requirements.
Analyze business partner operations to determine opportunities to streamline and automate business process.
Supports planning and prioritization of process engineering and related activities.
Understands changing business conditions and their impact on existing processes and operations.
Contributes to business decisions where information security or information technology may be leveraged or impacted, ensuring that all IT implications are considered.
Ensures that the design and integration of proposed systems, software, and hardware solutions lead to the development and growth of business through effective use of technology.
Directs efforts and proactively communicates project status, schedules and risk assessment.
Testing
Reviews and/or develops test plans assuring that appropriate Corporate Testing Standards and industry standards are used in plan development.
Reviews test environments and processes and makes recommendations for improvement.
Oversees the testing process and to end.
Oversees the partnership with the business unit as it relates to acceptance testing.
Directs design and pre-implementation walkthroughs.
Ensures that test environment is available.
Ensures test results are documented and approvals are received prior to implementation.
Individually or through assigned staff ensures development and validity of a disaster recovery plan for assigned applications.
Defines interface requirements and methodology.
Recommends business testing requirements.
Oversee disaster recovery process for assigned applications.
Vendor Management
Has an understanding of contractual agreements. Implements and oversees processes for fulfillment of terms.
Manages vendor relationships in accordance with Bank of Hawaii policies and procedures including the completion of annual scorecards where applicable.
Drives to resolution issues and concerns with vendor performance especially where there is impact to production and project deliverables.
Functions as a primary vendor contact responsible for implementing the vendor relationship strategies and able to communicate corporate standards and requirements to better align vendor support delivery.
Participates in contractual negotiations and leads as appropriate changes based on corporate IT standards and support requirements.
Participates in the budget process. Continually seeks optimal value in service from vendors, reviewing and monitoring performance and return-on-investment metrics.
Drives the development of Request for Information (RFIs), Request for Proposal (RFPs) and business cases.
Drives the evaluation of vendor proposals and performance taking into account corporate strategy and IT architecture standards.
Drives vendor to identify opportunities for innovation, cost reduction, and improved functionality and efficiencies with provided solutions.
Drives the assessment of vendor solution options, identifying risks, cost/benefits, and on-going support considerations.
Performs other job related duties as assigned.
This position requires use of a personal computer and other standard office equipment (fax, copier, calculator, telephone).
Job Requirements
MINIMUM QUALIFICATIONS:Education: 4 year college degree from an accredited educational institution or equivalent work related experience. CISSP, CISM, CISA, and/or CEH certifications desirable.
Experience: Seven to ten years of information security-related work experience, including general information security concepts as well as specific vulnerability related issues and trends. Experience in supervising technical professionals. Effective project management experience preferably in a lead role. Experience leveraging both IT solutions and business process improvements.
Technical Skills: Possesses analytical skills, knowledgeable of information security systems architecture, awareness of new approaches and techniques in information security technology. Knowledgeable of and/or hands-on experience administering information security systems, including firewall, IDS, antivirus, web filtering, data loss prevention, and security events incident management skills required. Experience in identifying, analyzing, and responding to information security incidents.
Other Job Qualifications: Excellent oral and written communication, analytical and problem solving skills. Effective interpersonal skills and collaborative management style to include teamwork and team building ability. Effective conflict management, negotiating and problem solving skills.
Country: USA, State: Hawaii, City: Honolulu, Company: Bank of Hawaii.
Комментариев нет:
Отправить комментарий