Information Security Analyst

The Information Security Analyst supports the Information Security Program by designing, maintaining, reviewing, and supporting the implementation of Information Security systems. The Analyst identifies gaps, evaluates technical controls, and recommends corrective action for Information Technology systems. The Analyst also helps to identify issues in system design and recommends changes to Information Security systems that better safeguard member data. This role serves to support the confidentiality, integrity, and availability of credit union systems by actively participating in our business continuity program.

Also helps liaise with other IT team members and engineers to ensure system design protects member data and helps make recommendations on suggested improvements.

This position is open to a hybrid/remote work schedule.

Pay Range: $111,914 - $163,203

• Support the Security Information Event Management (SIEM) system to make sure it is performing optimally and support the ingestion of new data sources and reviews existing data sources.
• Evaluate vulnerabilities in our environment and ensures that they are both timely and appropriately remediating by providing feedback to action plans and proactively identifying potential technology risks.
• Support our end user web filtering systems to make sure that employee access is appropriately monitored and restricted.
• Conduct regular risk assessments for technology systems and processes to make sure systems are inline with the credit union’s risk appetite and business continuity policies.
• Support and usability of these systems.
• Responsible for the monitoring and alters of key Information Security alerts and notifications and ensures they are followed up on in a risk based fashion.
• Implement Network Access Controls (NAC) according to security policy and monitor the performance and effectiveness of the system.
• Maintain the Next-Generation Anti-Virus software to ensure operational effectiveness of the tool. Assists in investigations and remediation’s where appropriate.
• Implement and support the tuning of Information Security systems to better protect Information Security Systems and documents findings and recommendations in memo format.
• Work with Information Technology staff to review project design for security effectiveness of new project efforts.
• Review Firewall and Intrusion Detection Systems and help implement changes to ensure our standards are being met.
• Manage the technical effectiveness of our Single‑Sign On solution and other privileged management tool including the support of new integrations.
• Help test and develop hardening standards based upon relevant industry standard templates across all devices with access to credit union data.
• Review log sources to make sure they contain enough information to detect suspicious activity or access and assists in investigating suspicious activities.
• Implement and design solutions to effectively monitor and manage Change Control policy and standards.
• Work with project teams to communicate and provide Information Security design considerations associated with Information Technology and business projects.
• Review business continuity processes and and works with teams to test existing procedures and to help document any shortcomings of both documentation and design.

• Demonstrate support for the corporate mission, vision and values.
• Maintain a positive working relationship with department personnel, including management, supervisory and all other employees.
• Meet the current standards as established for the department in the completion of all assigned duties.
• Responsible for abiding and complying with the policy for compliance with the Bank Secrecy Act and anti-money laundering laws and regulations (BSA/AML) and the policy for compliance with office of foreign assets control laws and regulations (OFAC).
• Responsible for department’s participation in every aspect of the Record Retention program. This includes the creation, identification, use, storage, and destruction in accordance with the policy.
• Perform other duties as assigned.

• Bachelor’s or Master’s degree in related…