IT Controls

2 months ago


Lancaster, United States Founders Federal Credit Union Full time
Job DescriptionJob Description

Relax... Join our TeamFounders Federal Credit Union helps our members attain their financial goals. Our innovative services, convenient locations, and friendly employees are dedicated to our members and their financial future. Founders Federal Credit Union is strongly committed to providing the highest level of quality service to our members. We realize our outstanding, dedicated employees make it all happen.

We are seeking a talented and motivated individual to join our strong organization and growing team as an IT Controls & Compliance Analyst located at our Corporate Headquarters in Lancaster, SC. The IT Controls & Compliance Analyst is responsible for the Information Security, Identity and Access Management, Information Security Policies, Controls and Compliance, Legal, Regulations, Compliance and Cyber Security Investigations.

Position is located on site at our Corporate Headquarters in Lancaster, SC. Remote work is not available.


Job Summary:

The IT Controls & Compliance Analyst provides strong analytical and process leadership within the Information Security Office to ensure the security of applications, computer systems, servers and network connections that enable the business to meet its corporate goals and objectives. Collaborates with CIO and GRC team in designing, developing, implementing, supporting and maintaining security, security standards and security risk mitigation strategies. The IT Controls and Compliance Analyst will support and participate in the FIT, LLC offerings.


Job Duties:

  • Validate and process workflows relating to IT General Controls.
  • Sustaining compliance and control processes while applying knowledge of the industry security and controls frameworks and experience to improve assessment processes.
  • Document and develop system incident response and recovery standards.
  • Participate as an Incident Response team member and ensure the team follows the security strategy, policies and procedures to properly respond to an information security incident.
  • Participate in information security and IT Framework organizations including but not limited to ISACA, Infragard and FSISAC.
  • Identify and monitor daily alerts and system review information for notification and tracking purposes.
  • Validate and monitor technical hardening and controls are being followed.
  • Monitor environment daily for malicious behavior or system anomalies utilizing a variety of security tools and take appropriate remediation action.
  • Participate in departmental project implementations and develop System Development Life Cycle processes.
  • Formalize the process methodologies and standards, and act as the primary advocate in communicating the process to all users and stakeholders, as well as owning the continuous process improvement of the security specialty process.
  • Validate procedures and controls to ensure compliance in IT systems and processes. Including but not limited to system access and patch management.
  • Oversee risk analysis and assessments for system upgrades and new implementations.
  • Work with Internal Audit and Enterprise Risk Management to track and remediate new and outstanding security-related issues.
  • Validate BCP objectives for IT department and newly implemented products.
  • Assist with Information Technology Risk Assessments and Vender Due Diligence review.
  • Ensure production change requests receive IT quality and compliance review.
  • Participate in FIT engagements as necessary to meet Client’s objectives.
  • Comply with Founders’ policies and procedures, as well applicable laws, regulations, and statutes issued by federal agencies such as NCUA and FFIEC, including, but not limited to, GLBA and BSA. Employees have legal and regulatory obligations to respect and protect the privacy of information and its integrity and confidentiality.


Job Specifications:

The Information Technology Controls & Compliance Analyst should demonstrate the ability to analyze, research, and resolve questions and possess the ability to learn quickly and adjust to technology changes. The ideal candidate will have the following skills & qualifications:

  • A minimum of five years’ work experience with IT Systems, back office processes and/or controls is required. An advanced degree in Computer Science or Information Systems is preferred.
  • ISACA Certified Information System Auditor or ISACA Certified Risk and Information System Control certification must be attained within 2 years of hire date.
  • Detail oriented and possess excellent oral and written communication skills.
  • Demonstrate the ability to analyze, research, resolve questions and/or concerns, and possess the ability to learn quickly and adjust to technology changes.
  • Communicate clearly, diplomatically and effectively at all levels of the organization and to audiences with varying degrees of process and technical knowledge.
  • Ability to understand and explain technical details and information to technical and non-technical audiences is required.
  • Ability to collaborate with cross functional teams.
  • Proficiency in system management and back-office processes is preferred.
  • Ability to operate with a high degree of independence in task and project management activities.
  • Must be a self-starter with the ability to manage multiple work assignments and priorities with urgent deadlines, maintain excellent service delivery, while working with a fast-paced team.
  • Lifting of equipment up to 50 pounds may be required during hardware inventory and sanitization process.

Due to the nature of project deadlines and system update requirements, evening and weekend work will be required based on department needs.

Due to the critical nature of data security, each employee has the responsibility to protect company data. Employees have legal and regulatory obligations to respect and protect the privacy of information and its integrity and confidentiality. Guidance is contained in the company information security policies. Violations of policy may result in disciplinary action, up to and including termination.

Adhere to the principle of least privilege to reduce the risk of unauthorized access to critical systems or sensitive data by maintaining account permissions to accounts, processes and programs only required to do the job assigned.

Follow the asset management lifecycle process and procedures to support the efforts in maintaining an accurate and efficient configuration management inventory.

Maintain a knowledge and understanding of the roles and responsibilities of the Incident Response teams defined in the Incident Response Plan.

Benefits:

The IT Controls & Compliance Analyst, an hourly paid position, will receive competitive compensation and benefits.

Benefits provided include the following:

  • Paid Holidays
  • Paid Time Off
  • Family-oriented culture that values work/life balance
  • Retirement Plan (401k with employer contributions + Pension Plan fully funded by FFCU)
  • Comprehensive Health and Dental Insurance
  • Life and Accidental Death & Dismemberment Insurance (at no cost to employee)
  • Voluntary Supplemental Life Insurance coverage for employee, spouse, and children
  • Health Care and Dependent Care Flexible spending accounts
  • Long Term Care Plan
  • Short-Term and Long-Term Disability Insurance
  • Tuition reimbursement to assist with furthering education
  • Certifications - Assistance with achieving and maintaining
  • Fit Founders Wellness Program

A pre-employment criminal background check, drug screen, consumer credit investigation, and previous employer reference check will be required.

EOE

#FoundersFCU

#ZR