Job Description
About The Role
Recommends appropriate security solutions, security enhancements, and purchases. Monitors emerging products, technologies, or best practices that will improve security for the organization and its stakeholders. Stays up-to-date on the latest threat intelligence, in order to anticipate and defend again new security threats. Provides leadership and mentoring to other IT staff members to promote high levels of security knowledge and awareness. Provides senior level expertise in maintaining enterprise firewalls, securing public cloud infrastructure, intrusion detection/prevention, SIEM, and other security operations systems. Analyzes, researches, and reports on attempted efforts to compromise security controls. This includes reporting and researching deviations from GBCI policy, standards, IT risk management initiatives, and best practices. Performs or participates in security audits, identifies security gaps, and develops and implements risk mitigation solutions. The ability to motivate or influence internal or external senior level professionals is a critical part of the job, requiring a significant level of influence and trust. Obtaining cooperation and agreement on important outcomes via frequently complex, senior level dialogues, as well as a professional level of written communication skills are essential to the position. The ability to analyze, report, and make recommendations on the security posture of acquired financial institutions is also a critical part of the job.
| Description | % of Time Spent | ||
|---|---|---|---|
| • |
Assists in the development and proposal of information technology strategy and design solutions to provide a secure environment with high levels of user adoption. Researches and provides recommendations on areas of information security, privacy technologies, and best practices. Provides a high level of engineering, consulting, and expertise to various project teams, including InfoSec peers, for enterprise architecture and security strategy.
|
30%
|
|
| • |
Researches and develops methods of moving from simple Network Security Monitoring to Continuous Security Monitoring approach. Develops monitoring and reporting capabilities of the deployed SIEM. Assists in network and system investigations in response to information security event notifications, and alerts in accordance to the GBCI Incident Response Plan. Serves on Hunt Team to actively look for evidence of post-exploitation activity Completes network packet analysis review according to department policies and procedures and develops methods to research and resolve SIEM offenses in a timely manner.
|
25%
|
|
| • |
Analyzes, researches, and conducts short and medium-range planning for new security hardware/software products. Responsible for proactively advising IT management of information security risks and best practices. Helps ensure Information Security portion of IT audits and exams meet or exceed satisfactory ratings.
|
25%
|
|
| • |
Participates in the creation, and maintenance of the enterprise’s IT security awareness training program.
|
10%
|
|
| • |
Assists management with the creation and maintenance of security operations procedures, risk assessments, and security policies in accordance to GBCI policies and/or industry best practices. Creates and maintains security architecture diagrams and system configuration documentation.
|
10%
|
|
| • |
Must comply with all company policies and procedures and all applicable laws and regulations, including but not limited to, the Bank Secrecy Act, the Patriot Act, and the Office of Foreign Assets Control. Must complete the assigned online training courses and achieve a passing score by due date.
|
|
About You
|
Qualifications
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Education
Experience
|
Would an equivalent combination of relevant education and work experience be considered?: Yes
| Required/Preferred | License/Certification | Description | |
|---|---|---|---|
|
Required within 3 months of hire
|
Multiple Certifications
|
A combination of multiples IT Security certifications that demonstrate a high level of technical and managerial IT security skills, one of which would be considered as "Advanced". Examples include: CISM, GIAC, CEH, CCNP, CSX-P, Network+, Security+, CASP+, and CISSP. |
| • |
Employee must be trustworthy and possess a significant level of credibility, discretion, and diplomacy.
|
|
| • |
Employee must be capable of interacting calmly and professionally with a variety of people from diverse backgrounds at various levels within and outside of the organization.
|
|
| • |
Employee must be a team player with a passion for customer service and a proven ability to build rapport and work effectively with employees at all levels of the organization.
|
|
| • |
Employee must be a self-starter with ability to take ownership and accountability of all roles and responsibilities with minimal supervision.
|
|
| • |
Ability to communicate effectively, verbally and in writing. Ability to understand and follow complex written and oral instructions.
|
|
| • |
Ability to assess, research and deploy new security technologies and secure frameworks into existing enterprise security controls.
|
|
| • |
Ability to serve as cybersecurity subject matter expert on project teams.
|
|
| • |
Able to translate security policies and procedures into technical architectures.
|
|
| • |
Ability to serve as a backup for other staff members in a mutually supportive team work environment.
|
|
| • |
Employee must be capable of regular, reliable, and timely attendance.
|
| Environment: |
Indoors, a climate-controlled shared work area.
|
|---|---|
| Noise Level: |
Minimal noise.
|
| Lifting: |
|
Close visual acuity to prepare and analyze data and figures, view a computer terminal, and read the computer screen, printed materials, and handwritten materials.
|
|
|
|
| Physical Activities | Frequency | |
|---|---|---|
|
Balancing: Maintaining body equilibrium to prevent falling and walking, standing or crouching on narrow, slippery, or erratically moving surfaces. |
Infrequent – rare.
|
|
|
Climbing: Ascending or descending ladders, stairs, scaffolding, ramps, poles and the like, using feet and legs and/or hands and arms. |
Infrequent – rare.
|
|
|
Crawling: Moving about on hands and knees or hands and feet. |
Infrequent – rare.
|
|
|
Crouching: Bending the body downward and forward by bending leg and spine. |
Infrequent – rare.
|
|
|
Feeling: Perceiving attributes of objects such as size and shape, temperature or texture by touching with skin, particularly that of the fingertips. |
Infrequent – rare.
|
|
|
Fingering: Picking, pinching, typing or otherwise working primarily with fingers rather than with the whole hand as in handling. |
Daily.
|
|
|
Grasping: Applying pressure to an object with the fingers and palm. |
Occasional – now and then.
|
|
|
Kneeling: Bending legs at knee to come to a rest on knee or knees. |
Occasional – now and then.
|
|
|
Lifting: Raising objects from a lower to a higher position or moving objects horizontally from position to position. |
Occasional – now and then.
|
|
|
Pushing: Using upper extremities to press against something with steady force in order to thrust forward, downward or outward. |
Infrequent – rare.
|
|
|
Pulling: Using upper extremities to exert force in order to draw, haul or tug objects in a sustained motion. |
Occasional – now and then.
|
|
|
Repetitive Motion: Making substantial movements (motions) of the wrists, hands, and/or fingers. |
Daily.
|
|
|
Stooping: Bending body downward and forward by bending spine at the waist. |
Infrequent – rare.
|
What We Offer
COMPENSATION & BENEFITS: Starting salary is dependent upon relevant experience and may vary based on the geographic location of the position. We offer an extensive benefits package that includes, but is not limited to medical, dental, vision, and life insurance, a health savings account option, an Employee Assistance Program (EAP), a health rewards program, a 401(k) retirement savings plan, discounts on banking products and services, and paid sick, holiday, and vacation time.
Glacier Bank is owned by Glacier Bancorp, Inc., a publically traded regional bank holding company headquartered in Kalispell, Montana. Glacier Bank offers a full range of financial products and services including Personal and Business Deposit Accounts, Retirement and Investment Products, Home Equity and Consumer Loans, Home Mortgages, and Business Loans.