This job board retrieves part of its jobs from: Massachusetts Jobs | Tampa Jobs | California Jobs

Job Listings in Anaheim

To post a job, login or create an account |  Post a Job

  Jobs in Anaheim  

Bringing the best, highest paying job offers near you

previous arrow
next arrow

Information Security Architect

Wescom Central Credit Union

This is a Full-time position in Anaheim, CA posted April 1, 2021.

Information Security Architect-Wescom Credit UnionResponsible for designing, developing, operating, and managing an enterprise-wide security risk program, policies and standards, application security assessments, identity and access management, threat intelligence, vulnerability life-cycle management and remediation, evaluation of new security technologies, and contributes to security incident and event management. This position requires a technical leadership role in the information security program. This role will work closely with IT, Software Development, Enterprise Risk, and other business leaders to drive a security-minded culture and promote security best practices for the implementation of technology.ESSENTIAL POSITION FUNCTIONS:Design, develop, and drive the implementation of key information security programs such as Identity and Access Management, PCI Compliance, Threat Intelligence, Data Protection, and Incident ResponseProvide expertise for the organization and other team members on information security technical and non-technical solutionsParticipates in organization projects and acts as the subject matter expert (SME) for information security focused on secure design and protection of Wescom dataConduct and facilitate security reviews, threat modeling, and design reviews throughout the development lifecycleDevelops key performance indicators and key risk indicators for monitoring the effectiveness of security controls in the credit unionDefines minimum security baseline configurations for hardware and software following industry standardsDevelops monitor to measure compliance with the standardDevelop, implement, and maintain security and risk policies, standards, and procedures aligned with industry and PCI security complianceConduct third-party security assessments in support of Wescom’s Vendor Management ProgramIdentifies gaps in the environment through reviews, testing, and tabletop exercisesAct as a member of the incident response team by monitoring and responding to threats to the environmentEDUCATION, EXPERIENCE, SKILLS, AND ABILITIES:Bachelor’s Degree, HS Degree, or GEDThe relevant proven experience will be considered in place of a bachelor’s degreeCISSP and/or security certifications are strongly preferred5-7 Years of experience in a technology-related field, with a strong focus in performing Information Security or Risk Management related activitiesExperience in the Financial Sector is desired, but not requiredExperience designing, managing, and monitoring in one or more of the following areas: Identity and Access Management, Threat Intelligence, Data Loss Prevention, PCI ComplianceComprehensive understanding of regulations and frameworks including GLBA, FFIEC, NIST, PCI, and CISStrong interpersonal and negotiating skills. Ability to interface with all parts of the organization including executives, managers, and team membersStrong troubleshooting and analytical skillsExcellent written and verbal communication skillsProfessional image with a service-oriented approachAbility to influence change within the organization to support the implementation of new programs and initiativesAbility to conduct threat modeling, risk assessments, testing of controls, and designing of risk mitigation strategiesKnowledge of secure baseline configurations and how to implement and monitorKnowledge of secure application designAbility to perform penetration testing and vulnerability assessmentsKnowledge of network protocols, traffic log analysis, and network security architectureKnowledge and experience in managing web application firewalls, next-generation firewalls, IDS/IPS, content filtering solutions, and Network Access ControlAbility to audit firewall rules and make recommendations by best practicesKnowledge of applying secure configurations to hardware and softwareSkilled in configuring, deploying, and monitoring corporate security toolsFamiliarity with Incident Response processes and procedures.Ability to handle multiple tasks with attention to detail, and perform duties with minimal supervisionAbility to use discretion when handling confidential information.Self-motivated and frequently demonstrates initiative by going “above and beyond” performing what is required for the position