Coordinate the formulation and definition of scope and objectives through research; fact-finding; and knowledge of business processes, technology, and industry requirements for information security. Lead the impetus and requirements for the information security design and operational specifications. Ensures that processes and information technology are aligned in order to make certain that there is system integrity. Coach and mentor less-experienced staff.
Lead the work with application business and IT owners to define and adjust application and data security guidelines and standards.
Coordinate the application development, infrastructure, and business units to implement security policies.
Perform security audits, risk assessments, and analysis. Make recommendations for enhancing systems security.
Analyze corporate environment to identify potential intrusion points, leaks, and breaches. Research attempted breaches in security and rectify security weaknesses.
Develop information security technical specifications as well as prepare test objectives in order to validate processes and system development and operations.
Provide additional information security assistance as required.
Lead the assessment of business units’ application and data security and authorization needs.
Coordinate the application development and infrastructure to implement security guidelines and standards.
Perform security audits, risk assessments, and analysis.
Make recommendations for enhancing systems security.
Investigate attempted breaches of security and identify security weaknesses.
Lead the formulation of security guidelines and procedures.
Coordinate security incident response activities.
· Six plus years’ experience in an Information Security Analyst role with working knowledge of information systems, business operations, requirements analysis, and integration/design solutions.
· Financial services industry experience preferred.
· Bachelor’s degree in related field (e.g., business, finance, or technical) or equivalent experience required.
· CISA, CISM, GSEC, CISSP, or other relevant GIAC certifications preferred.
Necessary Knowledge and Abilities:
· Knowledge of SDLC methodologies.
· Knowledge of ITIL and ITSM methodologies.
· Strong knowledge of Security Incident and Event Monitoring and management (SIEM).
· Strong knowledge of relevant government regulations and current information security trends.
· Strong knowledge of MS Office tools.
· Strong knowledge of perimeter security methodologies.
· Knowledge of physical and logical security standards.
· Skill in implementing and administering vulnerability scanning tools.
· Strong risk-assessment and measurement skills.
· Strategic thinking, planning, solution assessment, and validation skills.
· Strong collaboration, partnering, and teamwork skills.
· Strong communication, problem-solving, and systemic thinking skills.
· Ability to adapt.
· Ability to learn CM Group IT systems; methodologies and processes; and policies, products, etc., associated with the business.
· Ability to coach and mentor less-experienced staff.
Church Mutual is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.
Church Mutual understands the unique challenges and needs of the customers we serve. We not only provide financial protection but also connect policyholders to a network of strategic partners not found with other carriers. Church Mutual began in 1897 and has enjoyed steady, stable growth for more than a century by providing worship centers of all denominations, schools, camps and senior living facilities with much more than an insurance policy. More than 1,000 employees across the country strive each day to help our customers prevent losses and to resolve claims as efficiently as possible so that our customers can return to their valuable work as quickly as possible. We call it, “Protecting the Greater Good.”™