Family Trust FCU logo

IT Security & Network Manager

Family Trust FCU
Full-time
On-site
Rock Hill, South Carolina, United States

Job Summary:


The IT Security and Network Manager is responsible for managing relationships with various high risk IT vendors related to network, firewall, and cybersecurity management. This role involves overseeing the Managed Detection Response (MDR) vendor, administering security systems, and providing support for the organization’s network and security infrastructure.


The position also includes responsibilities for system documentation, patch management, system hardening, and participation in security assessments and disaster recovery planning.


Key Responsibilities:


Vendor Management:


·        Manage relationships with IT vendors related to network, firewall, and cybersecurity management.


·        Serve as the primary contact for the vendor managing the corporate firewall, ensuring optimal configuration and security.  Responsible for the submission and management of requests for firewall changes.  Firewall changes must be approved by the VP of IT.


·        Oversee the Managed Detection Response (MDR) vendor to ensure they are operating with current and complete configuration information, collecting and analyzing security data, and generating regular reports and security alerts.


·        Take prompt action on alerts to investigate anomalies and abnormal behavior and communicate risks to the Information Systems Security Officer (ISSO).


·        Responsible for the approval of low risk change requests associated with network, firewall and cybersecurity vendors.


·        Perform annual vendor assessments and maintain records in the Vendor Management System.


Vulnerability Management:


·        Administer the Vulnerability Management system to ensure the discovery, management, and remediation of vulnerable assets across the enterprise.


·        Communicate vulnerability findings to the ISSO and assist in remediation efforts, providing guidance on criticality and necessary actions.


Security System Administration:


·        Administer Anti-virus, Anti-Malware, and Anti-SPAM and Anti-Phishing systems to ensure optimal detection and protection of corporate resources.


·        Develop and communicate status reports to the ISSO regarding these systems.


·        Manage, monitor, and report on the patch management system for Microsoft and third-party systems and applications.


·        Apply operating system updates, configuration changes, and performance tuning as required.


·        Manage the operation and maintenance of the Endpoint Protection systems, including anti-virus, malware, threat detection, and firewalls.


·        Develop and implement system hardening efforts for workstations, servers, and network and mobile devices.


Network and Security Infrastructure:


·        Provide support and oversight for the organization’s network and security infrastructure, including PCs, servers, and applications.


·        Participate in the planning, implementation, maintenance, and troubleshooting of network and system hardware and software during and after normal business hours.


Documentation and Reporting:


·        Create and maintain system and application documentation of environments, processes, and procedures, recommending and updating changes as needed.


·        Participate in annual IT assessments, penetration testing, and examination events with the VP of IT to provide information regarding the IT security posture and systems.


·        Work with assessors to review finding reports and enter these into the audit management system for tracking and remediation.


Compliance and Security Awareness:


·        Assist with employee security awareness training programs and educational efforts.


·        Ensure compliance with all applicable laws and regulations, including the Bank Secrecy Act, the Patriot Act, and the Office of Foreign Assets Control, as well as company policies.


Business Continuity and Disaster Recovery:


·        Participate in the Business Continuity and Disaster Recovery plans and execute tests to validate system recovery within prescribed guidelines.


General Requirements:


·        Direct and oversee significant projects, manage high risk vendors, and assist in preparing budgets related to IT systems.


Qualifications:


·        A bachelor’s degree in computer science, Information Systems or 5 years’ experience in cyber security and networking required.


·        Certifications such as Network+, CCNA, Security+, CEH, PenTest+, CISA, and VMware are highly desirable.


·        Proven experience in managing IT vendors, particularly in network and firewall security.


·        Strong knowledge of vulnerability management, system hardening, and endpoint protection.


·        Excellent communication skills, with the ability to convey technical information to non-technical stakeholders.


·        Ability to work outside normal business hours as needed.


Preferred Skills:


·        Strong problem-solving skills and the ability to handle multiple tasks and projects simultaneously.


·        Familiarity with disaster recovery and business continuity planning.


·        Experience in creating and maintaining technical documentation.


·        Must be able to lift 50 lbs.