Mohela is a not-for-profit student loan servicer with about 1.8 million borrowers, $38 billion worth loans in combined portfolios owned by federal government, special entities, and itself. We are a contracted servicer with the Department of Education. We currently have around 500 employees and we are conveniently headquartered in Chesterfield valley ,with an operation center in Columbia, Missouri, and an office in Washington, DC . We have been actively providing financial support and other support to Missouri's higher education programs in the past more than 30 years.
Mohela is looking for a passionate and skillful Security Analyst to protect our customers' confidential information.
Mohela offers competitive salary and a benefit package that includes paid personal and vacation time-off, insurances for medical, dental, life, short-term disability, 401K plan with dollar-for-dollar match up to 8% of salary, defined benefit pension plan, and tuition assistance.
General Statement of Duties:
Leads or assists in administration, maintenance, development and/or implementation of policies and procedures for ensuring the security and Leads or assists in administration, maintenance, development and/or implementation of policies and procedures for ensuring the security and integrity of all Information Systems and business functions. Performs regular operational security functions and plays key role in supporting security audit and ongoing compliance-related activities.
Essential Duties and Responsibilities:
1. Network Analysis & Vulnerability Management – Assists in maintaining network security policy, standards, processes, and procedures. Provide ongoing management of Information Security procedures, specifications, and diagrams for improving strategies and continued organizational enhancement. Performs regular vulnerability assessments, providing specific guidance to infrastructure personnel on exposures and remediation requirements.
2. Security Tools Administration – Maintain existing security tools, including, but not limited to Firewalls, Security Information and Event Management (SIEM), vulnerability scanning tools, e-mail gateways/spam filters, File Integrity Monitors (FIM), Identity and Access Management, and anti-virus/malware. Evaluate new products and strategies, and make recommendations for improvements where possible.
3. Security Audits – Provide coordination for performing security audits and creation of documentation and remediation plans. Document and report on existing controls to support internal and external audit activities.
4. System Logs – Perform system log monitoring and reporting. Monitor system logs and alerts and provide first level response in determining the severity of alerts and escalating them to management.
5. Risk Management – Facilitate risk assessments of functional areas to identify areas of risk and vulnerabilities, and to recommend alternative strategies.
6. Incident Response – Work as part of an Incident Response Team to respond to, assess, and remediate security incidents as needed..
7. Project Management – When assigned, serve as technical lead for small technical security projects. This includes communicating across technical organizations and creating discrete design, testing, and deployment plans.
8. Training - Develops security awareness by providing orientation, training, and on-going communication. Create documentation and provide training to different teams to enhance awareness of vulnerabilities and other security related issues in an effort to reducing those risks.
9. Documentation Maintenance – Provide ongoing support for maintaining security-related policy, plan, and procedure documentation.
This list of duties and responsibilities is not intended to be all-inclusive and can be expanded to include other duties or responsibilities that management deems necessary.
Education/Experience: Bachelor's degree in Computer Science, Information Security, or related field from a four year college or university required. 5+ years of combined IT and application, operating system, or database security work experience with a broad range of exposure to systems analysis, configuration, diagnostics and administration of computer systems. 3+ years of security related experience with various security tools or configuring security related hardware. Knowledge and understanding of regulatory compliance standards, particularly Federal Information Security Management Act (FISMA), including the NIST 800 series and Federal Information Processing Standards (FIPS) is highly desired.
Reasoning Ability: Working knowledge of documentation provided by technology vendors and commercial software products. Experience applying, supporting or creation of controls associated with Sarbanes-Oxley, SSAE-18, PCI or Federal Security standards. Familiarity and experience with interpreting state or federal requirements/regulations and providing specific guidance for integration into operational environment. Working knowledge of IT functions, specifically understanding system production structure/controls, change management and software development processes. Capable of identifying management, IT system, and operational issues and trends and developing solutions including creating materials, documentation, systems, processes/procedures, and policies.
Computer Skills: Familiarity and knowledge of current technology used within midsized enterprises, including infrastructure, commercial products, and intranet/Internet and SQL databases. Basic to mid-level systems administration or developmental capabilities in Windows and Linux environments.
Certificates and Licenses: CISSP or other relevant security certifications (CISA, GSEC, Security+, ) are highly desired.
We are an EEO/AA Employer. We do not discriminate in hiring on the basis of race, color, national origin, sex, gender identity, sexual orientation, religion, age, disability, protected veteran status, or any other characteristic protected by federal, state or local law
To build a diverse workforce, MOHELA encourages applications from individuals with disabilities, minorities and veterans.
In compliance with the American Disabilities Act Amendment Act (ADAA), if you have a disability and would like to request an accommodation in order to apply for a position with MOHELA, please call please call 636.733.3700 x3571, TDD 7-1-1
Job Type: Full-time
Pay: $75,000.00 - $85,000.00 per year
- IT security: 3 years (Preferred)