| About Us Chevron Federal Credit Union (CFCU) is one of the largest and most financially sound credit unions in the United States, dedicated to providing great rates and personal service to members for more than 75 years. Headquartered in Oakland, California, the Credit Union operates branches in five states under two brands — CFCU and Spectrum Credit Union. CFCU offers competitive compensation packages, including incentive pay for all regularly scheduled employees, as well as an excellent benefits program which currently includes: 401(k) with a generous match and an annual employer contribution Paid Time Off (PTO) starting at a minimum of 18 days per year and growing to 38 days per year Paid sabbaticals Medical, dental, and vision insurance for employees and their dependents Short- and long-term disability insurance Life/AD&D insurance Flexible Spending Plan Tuition reimbursement after six months Four weeks paid sabbatical! If you are a reliable job candidate who subscribes to the Credit Union’s focus on teamwork, integrity, professionalism, and service orientation, please apply! Overview Responsible for preparing contingency plans for the organization’s systems, software, hardware, applications, processes and services. Responsible for ensuring the organization’s business resumption plans are up to date and adequately address the organization's needs. Responsible for technical security planning, testing, verification, and risk analysis in accordance with FFIEC, NCUA, and CFCU requirements. Assist in defining, deploying and monitoring risk management, compliance, and information security programs. Functions as primary IT disaster recovery coordinator. Responsibilities Documentation Authors and maintains the enterprise’s information security policies, standards, guidelines and procedures. Assists in documenting CFCU’s internal systems, including network architecture, security architecture and defense in depth. Security Monitoring Monitors the security of critical systems (e.g., e-mail servers, database servers, web servers, etc) and changes to highly sensitive computer security controls to ensure appropriate system administrative actions, investigate and report on noted irregularities. Regularly conducts network vulnerability assessments using tools to identify system vulnerabilities and develops remediation plans and assists with hardening procedures as appropriate. Conducts security control assessments, and/or risk assessments as required. Evaluates attack vectors and designs appropriate remediation strategies. Assists in organizational compliance with CFCU information security program. Manage the SIEM (Security Information and Event Management) infrastructure. Conducts routine Social Engineering tests and clean-desk audits. Disaster Recovery Collaborate with business units to determine business continuity requirements and strategy, and conduct Business Impact Analysis for vital business functions. Document recovery priorities of the key business processes, applications and data. Establishes disaster recovery testing methodologies. Plans and coordinates the testing of recovery support and business resumption procedures in different functional areas. Assures that recovery procedures are effective for the restoration of key corporate IT resources and for the resumption of critical systems. Ensures Sungard hardware and software inventory are updated quarterly. Coordinates/conducts routine tests of backup circuits and systems. Security Strategy Researches new developments in IT security and recommends new solutions. Works to continually develop, enhance and support organization’s IDS, IPS and security measures. Define, establish and manage Information Security Risk Metrics and report on effectiveness. Evaluate and design criteria for security initiatives for IT. Provides reports to supervisors regarding effectiveness of data security and make recommendations for the adoption of new procedures. Keeps abreast of evolving external and internal threats and proposes mitigation strategies. Lead the credit union’s IT infrastructure change management process, including hardware, systems, and release updates. Provide top-tier Windows XP/Windows 7/2k8/2k12 and/or *nix system administration as required. Stay abreast and maintain a working knowledge of frameworks and standards such as COBIT, ITIL, PCI-DSS, ISO 27001 Assist with after-hours system failures and emergencies. Within reason, maintain availability for such emergencies at all times except while on PTO via CFCU-issued PDA. Other duties as assigned. Qualifications To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. EDUCATION and EXPERIENCE: Bachelor's degree or equivalent in Computer Science or MIS from accredited four‑year college plus four years related experience and/or training, or equivalent combination of education and experience required. Master’s degree highly desirable. Knowledge and experience of MS Active Directory required. A strong understanding of MS Windows systems and networking required. A strong understanding of security architecture required. Knowledge of segmented, distributed architectures required. A strong understanding of firewalls and firewall management required. Some combination of CCNA/MCSE/CISSP/CISM certification desired. Knowledge of internal control frameworks such as COBIT, ITIL, NIST, and ISO 27001 desired. Knowledge of PIX/ASA a plus. Experience with VMware is a plus. LANGUAGE SKILLS: Ability to write clear, thorough, and accurate policies, procedures, and work instructions, using correct spelling and grammar. Ability to read and interpret information on systems and documents such as account information, written agreements, vendor contracts, and procedure manuals. Ability to write routine reports and correspondence, including email, using correct spelling and grammar. Ability to speak clearly, tactfully, and effectively to members, volunteers, and employees at all levels of organization. MATHEMATICAL SKILLS: Ability to add, subtract, multiply, and divide in all units of measure, using whole numbers, common fractions, and decimals. Ability to compute rates, ratios, and percentages and to produce and interpret graphs. COMPUTER SKILLS: Proficient in the use of basic applications in a Windows-based environment. Ability to effectively use all applicable banking and loan systems. Ability to effectively utilize Outlook and employee Intranet. Internet research skills. |
