Cybersecurity Administrator
Job Description
About BFSFCU:
Bank-Fund Staff Federal Credit Union (BFSFCU) is a full-service financial cooperative that was organized and chartered in 1947 as a convenient place for employees of the World Bank Group and International Monetary Fund and their families to save and to obtain credit. Located in Washington, DC, BFSFCU maintains three full-service branches in downtown as well as a full-service Lending Center near Farragut West metro station.
Summary:
As a member of the IT Security Team the Systems Security Administrator primary focus is to identify, implement and enforce the remediation needed to improve the security posture of BFSFCU. Performs constant monitoring, detection, update and maintenance of tools for systems hardening and patching of software and firmware of systems across BFSFCU enterprise networks. Follows procedures and collaborates with other technical and non-technical staff across Business Units and within Systems group to minimize BFSFCU exposure to threats. The position also requires periodical works on shift and after hours as necessary for testing prior to implementation of changes in production.
Responsibilities:
Requirements
Minimum Qualifications or Knowledge, Skills and Abilities Required
Minimum Qualifications or Knowledge, Skills and Abilities Required
Certifications:
For internal purposes, this position is graded as NE-13
Bank-Fund Staff Federal Credit Union (BFSFCU) is a full-service financial cooperative that was organized and chartered in 1947 as a convenient place for employees of the World Bank Group and International Monetary Fund and their families to save and to obtain credit. Located in Washington, DC, BFSFCU maintains three full-service branches in downtown as well as a full-service Lending Center near Farragut West metro station.
Summary:
As a member of the IT Security Team the Systems Security Administrator primary focus is to identify, implement and enforce the remediation needed to improve the security posture of BFSFCU. Performs constant monitoring, detection, update and maintenance of tools for systems hardening and patching of software and firmware of systems across BFSFCU enterprise networks. Follows procedures and collaborates with other technical and non-technical staff across Business Units and within Systems group to minimize BFSFCU exposure to threats. The position also requires periodical works on shift and after hours as necessary for testing prior to implementation of changes in production.
Responsibilities:
- Administers security tools to ensure compliance with organizational policies and procedures as they pertain to systems hardening, software patching and fixes.
- Performs routine and ad-hoc maintenance of services and systems that facilitate the monitoring and enforcement of the Credit Union's collective information and data security-related policies.
- Ensures the successful, timely performance of all processes and procedures necessary to maintain the confidentiality, integrity and availability of information system assets and to protect systems from intentional or inadvertent access or destruction.
- Maintains a schedule of those activities that are to be performed on a regular basis and institutes a process to ensure the activities are accomplished on a timely basis. Documents monitoring activities/actions in a systematic format.
- On a continuing basis, researches, identifies, recommends and deploys solutions and data security applications that may strengthen or improve the overall security posture of the Credit Union.
- Keep abreast of new trends and the state of the security landscape. Adheres to popular bulletin boards and subscription to threat and vulnerability notification
- As appropriate, coordinates and/or assists in the application of security policies and procedures for servers, application systems, messaging systems, e-commerce services, firewalls, remote access, and networks.
- Coordinates with the Information Security Officer as needed to respond to reported or detected incidents of attempts to penetrate or compromise systems and/or services. Ensures proper written procedures are in place for incident response and escalation and ensures appropriate personnel are trained to use the procedures when responding to an incident.
- Monitors and maintains the integrity and accuracy of the routine maintenance schedule in database and performs routine updates to related tables and associated data.
- Monitors and measures performance vs. the established Operational Level Agreements ("OLA") and Service Level Agreements ("SLA") that serve as primary instruction guides for patching schedules with Systems support teams. Ensures timely resolution and/or diligent follow-up for prompt resolution of detected vulnerability
- Participates with technical staff in periodic tests of the Patches and Fixes deployment Plan. Documents in detail the processes that are necessary to re-establish compliance with security policies for systems and services that are rebuilt or restored at alternate facilities.
- Participates with technical staff in specifying and building hardened systems and planning for replication of proven process to provide tested systems standards
- Distributes prompt, accurate status information and feedback on problems to staff and management. Facilitates proactive communication with staff to ensure that service maintenance to remediate vulnerability are in line with OLA and SLA standards
- Writes and distributes documentation and reports to ensure the implementation of solutions and standard support practices are consistent with management's vision.
- Participate in annual Bank Secrecy Act (BSA) and Office of Foreign Assets Control (OFAC) training and demonstrate knowledge and understanding of the BSA and OFAC, including the immediate reporting of unusual or suspicious activity to the Risk Management Department. Undertake additional training specific to daily responsibilities and as required to ensure continued compliance with all applicable regulations.
- Ensures the Credit Union's safe harbor protections as allowed by the BSA. Understands that if confronted with knowledge of existence of a Suspicious Activity Report (SAR), an obligation exists to preserve the confidentiality of that SAR, as well as any information that may reveal the existence of a SAR. Maintains awareness of, and immediately reports to the Compliance Officer, any unauthorized disclosure of a SAR, or unauthorized disclosure of information related to a SAR. Understands that failure to do so is a violation of federal law and may lead to both civil and criminal penalties for SAR disclosure violations.
- Successfully participate in annual Information Security refresher training. Comply with the Information Security Policy, including the immediate reporting of unusual or suspicious activity to management and the Information Security Officer. Follow all procedures to protect company computers from viruses, and to maintain the security and confidentiality of Credit Union data.
- Produces reports to the CIO, IT Director, IT Security Manger and Information Security Officer on the effectiveness of the Hardening and Patching of Information Systems and Supporting the security policies and procedures.
- Provides on-the-job training to new Security staff members and cross-training with other member of the Security team.
- Participates in ad-hoc projects and undertakes other work-related duties as assigned by the Supervisor, Service Desk.
Requirements
Minimum Qualifications or Knowledge, Skills and Abilities Required
- B.S. Degree in technology field or an equivalent combination of education and experience.
Minimum Qualifications or Knowledge, Skills and Abilities Required
- Four to eight years of previous IT experience.
Certifications:
- CISSP - Certified Information Systems Security Professional desired
- GSEC - Security Essentials from SANS or
- GISF - Information Security Fundamentals
- GCIA - Certified Intrusion Analyst
- GCED - Certified Enterprise Defender
- GCDA - Certified Detection Analyst
- GCWN - Certified Windows Security Administrator
- A+ security
For internal purposes, this position is graded as NE-13
Date Posted
08/22/2022
Views
5
Positive
Subjectivity Score: 0.8
Similar Jobs
Regional Director Public Sector Sales DOW - Chainguard
Views in the last 30 days - 0
The job seeks a Regional Director with sales expertise and security clearance to lead public sector initiatives and build partnerships Responsibilitie...
View Details2025 Sensor Modeling and Simulation Analysis Engineer - The Aerospace Corporation
Views in the last 30 days - 0
The Aerospace Corporation is a trusted partner to the nations space programs providing technical expertise and innovative solutions across satellite l...
View DetailsManager, Customer Success - Bold Penguin
Views in the last 30 days - 0
Bold Penguin a leading digital solution platform for small commercial insurance is seeking a Manager of Customer Success The role involves leading a t...
View DetailsManager, Project Manager - Capital One
Views in the last 30 days - 0
Capital One a Fortune 500 company and one of the nations top 10 banks is seeking a Manager Project Manager The role involves leading critical and stra...
View DetailsPrincipal Project Manager, Commercial Bank - Capital One
Views in the last 30 days - 0
Capital One a Fortune 500 company and one of the nations top 10 banks is seeking a Principal Project Manager for its Commercial Bank The role involves...
View Details