Cyber Sercurity Analyst

POSITION SUMMARY

Using independent judgment, the Cyber Security Analyst will serve as a key player in a hands on role working with a cross-functional cybersecurity team. The Cyber Security Analyst is responsible for assisting in the effective administration of the credit union's Information Security Program, including but not limited to, endpoint protection, log analysis, cyber forensics, audit preparedness, standards, and procedural documentation. This position will administer and monitor security tools and assist with developing strategies to support the functional and security requirements of IT information Systems in support of Lighthouse Credit Union's business goals.

• Administers the endpoint detection and response (EDR) platform, ensuring all assets have up-to-date coverage, protection policies enabled, device restrictions in place, building workflows lerts and generating reports.
• Administers the file-share and content collaboration platform, provisions for user access, and ensures policy enforcement and data retention guidelines are followed. Reviews and disables inactive users. Documents data retention exception requests.
• Monitors and analyzes cybersecurity threats, vulnerabilities, and incidents for anomalies and threats, staying up to date with emerging threats and industry trends. Responds to and elevates according to the cybersecurity playbook.
• Responds to and investigates security alerts generated by a variety of systems including but not limited to; endpoint detection and response (EDR), network detection and response (NDR), data governance and compliance alerts, security information event monitoring (SIEM), active directory, dark web threat alerts, and email security. Provides management reports.
• Ensures endpoints have a suite of security tools installed. Coordinates efforts with IT staff to deploy to workstations aptops and servers. Tests client software to ensure there are no performance or latency issues. Documents exceptions and updates management.
• Researches threats to endpoints and creates work tickets for remediation.
• Participates in vetting and deployment of new cybersecurity technologies and projects that improve our organization’s cybersecurity maturity.
• Monitors, tests, and reports on the Information Security Program as necessary to ensure the confidentiality, integrity, and availability of Information and Systems.
• Assists in the administration of IT security policies, standards, and procedures by developing, standards, and procedures. Creates and maintains thorough documentation, as-built, system configurations, and playbooks.
• Gathers documentation for audits. Assists as needed with researching remediation for audit, exam, and vulnerability scan findings.
• Assists in identifying and delivering metrics that measure effectiveness, performance, and risk within the organization.
• Updates metrics and creates reports and presentations for management, committees, Boards, and other groups as needed.

• Strong understanding of cybersecurity principles, threat analysis, best practices, and emerging threats.
• Proficient in threat analysis tools and cybersecurity software with an emphasis on preventing IT based crimes, hacking, intentional or inadvertent modification, disclosure, or destruction to the credit union's information systems, IT assets, and intellectual property.
• Demonstrated knowledge of, testing, and implementing secure Operating Systems.
• Working knowledge of User Verification, Network and Web Application-based Vulnerability Scanning, End Point Protections, SIEM, PAM, Firewalls and IDS/IPS devices.
• Possess strong analytical, problem-solving skills, prioritization, and time management skills. Must analyze complicated factual situations and apply functional principles.
• Must be able to work independently and is self-motivated; proactively takes the initiative to accomplish necessary tasks and seize new and often challenging opportunities.

• Three to five years of similar or related experience in a Cybersecurity or IT related field.
• BS or BA in Cybersecurity, or Computer Sciences, or appropriate…