Information Security Analyst

The Information Security Analyst supports the Information Security Program by designing, maintaining, reviewing, and supporting the implementation of Information Security systems. The Analyst identifies gaps, evaluates technical controls, and recommends corrective action for Information Technology systems. The Analyst also helps to identify issues in system design and recommends changes to Information Security systems that better safe-guard member data. This role serves to support the confidentiality, integrity, and availability of credit union systems by actively participating in our business continuity program. Also helps liaise with other IT team members and engineers to ensure system design protects member data and helps make recommendations on suggested improvements.

This position is open to a hybrid/remote work schedule.

Pay Range: $111,914 - $163,203

ESSENTIAL JOB FUNCTIONS:

• Support the Security Information Event Management (SIEM) system to make sure it is performing optimally and support the ingestion of new data sources and reviews existing data sources.
• Evaluate vulnerabilities in our environment and ensures that they are both timely and appropriately remediating by providing feedback to action plans and proactively identifying potential technology risks.
• Support our end user web filtering systems to make sure that employee access is appropriately monitored and restricted.
• Conduct regular risk assessments for technology systems and processes to make sure systems are inline with the credit union’s risk appetite and business continuity policies.
• Support and usability of these systems.
• Responsible for the monitoring and alters of key Information Security alerts and notifications and ensures they are followed up on in a risk based fashion.
• Implement Network Access Controls (NAC)  according to  security policy and monitor the performance and effectiveness of the system.
• Maintain the Next-Generation Anti-Virus software to ensure operational effectiveness of the tool.  Assists in investigations and remediation’s where appropriate.
• Implement and support the tuning of Information Security systems to better protect Information Security Systems and documents findings and recommendations in memo format.
• Work with Information Technology staff to review project design for security effectiveness of new project efforts.
• Review Firewall and Intrusion Detection Systems and help implement changes to ensure our standards are being met.
• Manage the technical effectiveness of our Single-Sign On solution and other privileged management tool including the support of new integrations.
• Help test and develop hardening standards based upon relevant industry standard templates across all devices with access to credit union data.
• Review log sources to make sure they contain enough information to detect suspicious activity or access and assists in investigating suspicious activities.
• Implement and design solutions to effectively monitor and manage Change Control policy and standards.
• Work with project teams to communicate and provide Information Security design considerations associated with Information Technology and business projects.
• Review business continuity processes and  and works with teams to test existing procedures and to help document any shortcomings of both documentation and design.

ADDITIONAL RESPONSIBILITIES:

• Demonstrate support for the corporate mission, vision and values.
• Maintain a positive working relationship with department personnel, including management, supervisory and all other employees.  
• Meet the current standards as established for the department in the completion of all assigned duties.
• Responsible for abiding and complying with the policy for compliance with the Bank Secrecy Act and anti-money laundering laws and regulations (BSA/AML) and the policy for compliance with office of foreign assets control laws and regulations (OFAC).
• Responsible for department’s participation in every aspect of the Record Retention program. This includes the creation, identification, use, storage, and destruction in accordance with the policy.
• Perform other duties as assigned.

QUALIFICATIONS:

• Bachelor’s or Master’s degree in related field (Computer Science, Information Systems, and Information Security) or equivalent experience preferred. Job experience commensurate to educational equivalent will be considered.
• Minimum of four years of experience in Information Security required.
• Relevant security certifications such as GCIH, CISSP, OSCP, etc.
• Prior experience with SIEM tools such as LogRhythm, QRadar, or Splunk.
• Prior experience with Network Access Control (NAC) solutions such as ClearPass or CounterAct.
• Prior experience with Firewall technologies such as Cisco, Juniper, and Palo Alto devices.
• Knowledgeable about access management and identity management.
• Motivated to continue to learn technology and not adverse to self-learning new technologies as the situation dictates.
• Completion of or active pursuit of certification in Information Security.
• Must be available for a flexible work schedule including weekends, nights and holidays.

Only applicants who meet the minimum requirements for this position will be considered for an interview. This position is open until filled, however the job may be unposted early due to amount of applicants.

To be eligible for this position, applicants must be legally authorized to work in the United States without restriction.  Credit Union 1 does not provide visa sponsorship.

Please note: Credit Union 1 does not provide relocation assistance. If selected for an on-site position, candidates will be responsible for relocating to Alaska prior to the agreed upon start date at their own expense.

Thank you for your interest in this opportunity with Credit Union 1!

Background Screening Statement: Candidates selected for a position at Credit Union 1 will be subject to a criminal background check prior to their employment. An offer of employment may be rejected or terminated based on receipt of an unacceptable background screening. 

EEO Statement: Credit Union 1 provides equal employment opportunities to all employees and applicants for employment, prohibiting discrimination and harassment of any type without regard to race, color, religion, sex, age, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identify or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

E-Verify Statement: Credit Union 1 participates in E-Verify and will provide the federal government with your form I-9 information to confirm that you are authorized to work in the U.S. If E-Verify cannot confirm that you are authorized to work, Credit Union 1 is required to give you written instructions and an opportunity to contact Department of Homeland Security (DHS) or Social Security Administration (SSA) so you can begin to resolve the issue before Credit Union 1 can take any action against you, including terminating your employment. Employers can only use E-Verify once you have accepted a job offer an completed the Form I-9. For more information on E-Verify, or if you believe that Credit Union 1 has violated its E-Verify responsibilities, please contact DHS at 888-897-7781 or dhs.gov/e-verify.com