Info Security Analyst I/II

Description

$1000 Signing Bonus effective 1/20/2024

Note: All full-time positions include the option of $0 out-of-pocket premium cost for Employee Only PPO AND exceptionally low premiums for all other PPO coverage levels.

HOURS FOR POSITION: Monday -Friday 8:00am-4:30pm

Hiring Range - $34.94/hr - $43.67/hr

SUMMARY OF POSITION:

Depending on the competency level, the Information Security Analyst is responsible for the execution of security operations tasks which include incident detection and response, enterprise vulnerability management, identity and access management, and administration of security infrastructure and applications. As a member of Information Security team, the Information Security Analyst monitors and analyzes the output from security monitoring and scanning devices and takes or recommends actions for the detection and remediation of system compromises. Conducts proactive computer network defense operations based on established procedures, and ensures compliance with TFCU security policies, technical standards, and industry best practices. The Analyst acts as a system administrator to various security applications and systems and provides guidance to IT systems engineers and administrators to implement corrective actions to mitigate risk, and is responsible for security event monitoring of the networks and systems. The Analyst will perform appropriate Tier I/II response based on the Analyst level and conduct investigations using established procedures and escalate incidents that cannot be resolved to a senior team member or department manager. The Analyst will work within a Security Information and Event Tracking platform to identify anomalies, malware, exploit attempts and other attacks on TFCU’s network infrastructure and data.

PRINCIPAL ACCOUNTABILITIES AND FUNCTIONS: to be supplemented by specific Competency Summary for Levels I and II

• Reviews security events from various systems to analyze for potential threats to the organization.

• Responds to security incidents and escalates resolution, if needed.

• Conducts security audits and assessments on system and application configuration.

• Analyzes detected vulnerabilities and generates remediation plans to reduce risk.

• Conducts audits and/or in some cases administers identity management and access controls

• Supports and conducts periodic audits and compliance reviews to identify systems and risks that pose potential risks.

• Ensures authorized access by investigating improper access, reporting violations, and monitoring information and new programming requests.

• Maintains appropriate documentation, procedures and working instructions to enable efficient problem resolution.

• Acts as a system administrator to various security applications and systems which include: enterprise vulnerability management, Security Information and Event Management (SIEM), Intrusion Prevention Detection System (IPS/IDS), Next-Gen Antivirus/Endpoint Detection and Response (EDR), Data Loss Prevention (DLP), Privileged Access Management, Mobile Device Management (MDM), Application Whitelisting, SSL Inspection, and Email and Web Security

• Conducts security awareness activities including the development, implementation and management of mock-phishing campaigns.

• Analyzes for security risks to ensure regulatory compliance. Develop and implement corrective actions as needed. Provides recommendations to management regarding system and/or network upgrades that will improve network security, efficiency, stability and performance.

• Participates in the continual development of the department’s Disaster Recovery strategy to recover business processes and systems.

• Assist in the development and design of security reports provided to management and various committees on a regular or as-needed basis.

• Maintains and expands current job knowledge demonstrated by retaining required certifications and successfully participating in educational and relevant training opportunities.

• Performs related duties as assigned.

REQUIRED QUALIFICATIONS: Competencies Chart must be included-used for levels I, II employment and career progression criteria.

Level I – AA in the field of Information/Cyber Security, Information Systems or a related field, or current entry-level Information Security certification (Security+, etc.) and at least two to three years directly related work experience required. Or, an equivalent combination of education and experience.

Level II – BS in the field of Information/Cyber Security, Information Systems or a related field, or relevant professional-level Information Security certification (such as GIAC, SSCP, or Cisco Security) or relevant professional-level Information Technology Certification (such as Microsoft MCSE/MCSA, VMware VCP, or Cisco CCNP) and at least three to five years progressively responsible and directly related work experience required. Or, an equivalent combination of education and experience.

Note: Must meet all required competencies within a specified timeframe in order to promote to the next level

COMPETENCIES:

• Demonstrated knowledge of networking, security infrastructure, principles, concepts and industry best practices.

• Knowledge and experience utilizing enterprise vulnerability management systems.

• Knowledge and experience managing endpoint security applications (including signature-based Antivirus, Next-Gen Antivirus, Endpoint Detection and Response (EDR), and application whitelisting).

• Knowledge and experience administering and analyzing output from log management system (SIEM).

• Knowledge and experience managing Data Loss Prevention (DLP) architecture.

• Knowledge and experience responding to security incidents at various severity levels.

• Knowledge and experience managing telecommunications and network security (including firewalls, intrusion detection/prevention, SSL inspection, VPN and email/web security applications).

• Knowledge and experience of operational security including identifying critical information, determining threats, vulnerability analysis, assessing risk, and implementation of countermeasures and controls.

• Knowledge and experience administering Microsoft Window desktop and Server operating system.

• Knowledge and experience administering Linux operating system and command-line interface.

• Knowledge and experience with implementation of Identity Management and Access Controls utilizing Microsoft’s Active Directory, Microsoft Windows Server and other stand-alone systems.

• Knowledge and experience in Business Continuity and Disaster Recovery including system recovery processes.

• Knowledge of common security frameworks including CIS Critical Security Controls (CSC) and NIST.

• Knowledge of network and server infrastructure including network devices, server and desktop virtualization platforms and Storage Area Networks (SAN).

• Knowledge of TCP/IP protocols and common applications.

• Knowledge of cryptography and encryption.

• Knowledge of physical and environmental security.

• Knowledge of security architecture and design.

• General knowledge of Risk Management, including evaluation of IT risk and controls.

• General knowledge of legal regulations and compliance (including FFIEC/NCUA and GLBA).

• Strong attention to detail.

• Ability to create and effectively present relevant and readable diagrams, graphs, charts and presentation materials, proposals, reports, business correspondence, and procedure manuals for a diverse audience.

• Ability to understand and analyze financial and operational data.

• Ability to read, analyze and interpret contracts, business periodicals, professional journals, government regulations.

• Ability to define problems, collect data, establish facts and draw valid conclusions.

• Ability to interpret a variety of instructions furnished in written, oral, diagram, or schedule form.

• Ability to initiate long and short term planning that supports credit union business plans, following through with successful implementation as authorized.

• Ability to develop action plans and organize workload, of self and others, to accommodate competing deadlines and projects.

• Ability to work effectively under stress and maintain approved work schedules.

• Ability to arrive at work routinely and promptly.

• Ability to motivate and influence others to take action.

• Ability to facilitate group discussion and gain consensus.

• Ability to maintain sensitive and confidential information.

• Ability to interact effectively and professionally with colleagues and managers.

• Has knowledge of and adheres to credit union policies and procedures and all regulations related to the Bank Secrecy Act, the USA PATRIOT Act and OFAC.

WORKING CONDITIONS:

• Ability to sit, stand and walk for extended periods and demonstrate sufficient dexterity and vision to operate a variety of office equipment.

• Ability to lift up to 15 lbs with or without assistance.

• Ability to work the hours needed which may extend beyond the defined work schedule when operating conditions dictate.

• Ability to work extended hours, including evenings and weekends as needed.

• Responsible for being available 24X7 via mobile and landline communications to support Information Security operations and emergencies.

• Must be willing to travel to remote worksites to include DR/BCP centers, branches, and vendor sites.

• Must be able to visually and physically check/inspect cabling beneath and/or behind objects such as desks, personal computers, printers, etc. This may include moving or lifting computer equipment from or to a desk, floor, or table.

• Must attain and retain Red Corridor security designation to retain position.

This position description is not necessarily all inclusive in terms of work detail.