Responsible for designing information security programs, monitoring and responding to security events and incidents. Assist reviews of security hardening in system hardware and software. Review and assess security configurations for network, server, security appliance and service architecture. Perform day-to-day tasks including but not limited to SIEM tickets, vulnerability scanning, Anti-Virus, URL Filtering and cyber hygiene.
Information Security Daily Operations:
· Investigate and analyze security events with our MDR and SIEM for unusual or suspicious activity, interpret, and make recommendations for resolution of security incidents.
· Perform on-demand vulnerability scanning with internal teams to remediate vulnerability findings and deliver through a VMS cycle. Assist configuring and fine-tuning vulnerability detection.
· Generate performance and status metrics.
· Security effectiveness testing: work with internal teams to implement new standards across the organization as required. Measure, track and report the security risk, vulnerability, and remediation status.
· Investigate and analyze email related security issues, including spam, phishing, malicious attachment, impersonation, etc. and prepare summary of investigation report.
· Respond to end point security alerts in a timely manner.
· Participate in periodic firewall reviews.
· Work closely with internal teams and service providers to ensure new applications, systems, and functionalities meet the organization's security requirements. Participate in the development, implementation, and maintenance of the Information Security Awareness program and influence.
· Maintain documentation and create or update technology operational procedures for information security related programs and incident runbooks.
· Monitor and research cyber threats and Trends.
· Occasionally respond to alerts or planned maintenance outside regularly scheduled hours. Perform other duties as assigned.
- 3 + years of applicable information security work experience to include any or all of the following: General hands-on knowledge of firewalls, intrusion detection systems, endpoint protection (EDR/XDR Solution), anti-virus software, data encryption, DLP, NAC, SIEM, Email Security and other industry-standard techniques and practices
- 3+ years of experience and proficiency with Incident Response and Handling, malware analysis and proper handling (Sandbox, Quarantine, Remediation, etc.)
- Experience with Windows Active Directory, Windows Server and Linux OS hardening.
- 2+ years of experience of vulnerability scanning, penetration testing, network security, and the techniques used to expose and correct security flaws.
- 2+ years of experience with regulatory compliance (i.e., PCI, GLBA, SOX)
- Knowledge of the information security principles, best practices, and methods of administering information systems, including systems analysis, design, construction, monitoring, maintenance, testing, documentation, training, and production support
- Knowledge of Office365 system and security administration
· Bachelor's degree in an IT related discipline or the equivalent combination of education and experience.
· Preferred industry certifications include: Security+, SANS certifications, CISSP, ISACA, CISA, and or PCI-DSS.
- Humility, empathy (Heart), hunger to learn, honesty, integrity, and confidentiality are always required.
- Strong verbal, writing, and listening skills; ability to communicate effectively to all levels of the organization. Strong customer service skills with a willingness to assist others.
- Willingness to learn and embrace new technologies and security practices.
- Ability to provide guidance, mentoring, and instruction to others.
- Strong speaking, writing, and listening skills.
- Ability to work and travel independently.
- Experience working in an office environment and navigating collaboration tools such as Microsoft Teams, and Outlook scheduling assistant.
- Ability to manage multiple work-streams, including emergency support tasks, and communicate roadblocks or concerns for maintaining progress on scheduled projects and tasks.
- Ability to work well in a dynamic and changing environment and adapt quickly to new conditions and priorities.
- Ability to recognize and define problems, research, and establish facts, communicate, and resolve issues and problems promptly.
- Proficiency with Microsoft Office Suite: Word, PowerPoint, Outlook, Excel, Visio.
- Superior critical thinking, troubleshooting, time / project management and problem-solving skills.
- A willingness and capability to work remotely or from an office as necessary.
- Adherence to relevant Financial Industry, Credit Union, and Cybersecurity/Data Privacy regulations, policies, and procedures to protect our members' data and our organizational reputation.