Security Engineer

Volunteer Corporate Credit Union•Nashville, TN

1d•Hybrid

About The Position

Responsible for the day-to-day operation of VolCorp's Information Security program, including assisting in designing, planning, implementing, and supporting security solutions across the enterprise, including networks, servers, communications, workstations, and cloud environments. This position plays a key role in maintaining the corporate's overall security posture and defending against security threats. The Security Engineer will work closely with the Information Technology, Software Development, Risk Management, Security, Compliance, and Internal Audit teams to ensure secure architecture design, monitoring and response, and vulnerability management meet the desired risk appetite set by the organization.

Requirements

Bachelor's Degree in area of specialty or equivalent years of directly related experience.
2 or more years of hands-on experience in information security, with exposure to security tools, practices, and frameworks.
Wide knowledge of computer security architectures and networking protocols.
Knowledge of administration of firewall, WAF, Intrusion Detection System, and VPNs technologies.
Knowledge with virtual environments (server virtualization and VDI).
Knowledge of Microsoft Operating systems (Windows Server and Desktop), M365, Azure, EntraID.
Knowledge of Endpoint Detection and Response, NGSIEM/SIEM platforms, and securing cloud implementations.
Working knowledge of information security frameworks – NIST CSF, CIS, PCI-DSS.
Knowledge of compliance and data privacy frameworks – GLBA, CCPA, GDPR, NIST.
Ability to produce accurate detailed systems documentation.
Effective interpersonal, verbal, and written communication skills.
Excellent time management skills with the ability to plan, prioritize, and manage multiple security related projects with daily tasks.
Self-motivated.

Nice To Haves

Palo Alto Network Firewall preferred

Responsibilities

Assist with internal security consultation for planning, implementing, and hardening of endpoints within the network.
Partner Security and IT teams with deploying, configuring, and maintaining network security tools and technologies – Firewalls, Web Application Firewalls (WAFs), IDS/IPS, Endpoint Detection and Response (EDR), SIEM/SOAR platforms, and virtual Security Operations Center (vSOC).
Monitor network infrastructure/systems for security threats, establish procedures for identifying and isolating threats, reducing threats/attack surface.
Assist with any security breach investigations, document the security incidents, assessing damage, root cause analysis, support for necessary breach notifications, and establishing chain of custody for forensics.
Assist with the performance of penetration testing, documentation of alerts during the test, and work with Security, IT Operations and Software Development to resolve gaps in security posture.
Assist with the design, planning, and implementation of security systems, network, applications, and cloud infrastructure to meet the information security program and board appetite.
Assist with defining security baselines, follow industry leading practices, compliance with regulatory and internal policy frameworks, such as NIST CSF.
Responsible for performing vulnerability scans, validation of vulnerabilities, and collaborating with IT Operations and Software Development on remediation efforts.
Assist IT Operations and Software Development regarding patch management programs by identifying gaps, providing guidance on mitigations, meeting established metrics for reporting, baseline hardening, and continuous development of security posture.
Perform threat hunting/modeling within our environment, documenting associated risk within the risk assessment, prioritize vulnerabilities and remediations based on impact to the corporate, exploitability and risk appetite.
Maintain contact with software vendors to research security products and discuss new applications.
Develop external contacts to form sound relationships with other (companies or individuals) in the information security field.
Maintains working knowledge of external threats as well as new emerging threats targeting the financial services industry.
Research and recommend security tools and technologies for annual budget to improve the corporates information security posture.
Acting as a liaison between end users, management, IT and Software Development staff on matters relating to information security and cybersecurity.
Collaborate with IT and Software Development teams to ensure secure deployment, configuration, and operation of applications and security tools across the environment.
Assist in post deployment support and troubleshooting efforts.
Perform other related duties as required.
Adhere to company and governmental policies and regulations including those related to Equal Employment Opportunity and Affirmative Action Plan compliance.

Benefits

Generous allotment of pro-rated vacation, discretionary and sick time to any part time employee who will work an average of 24 or more hours in a week.
11 holidays per year (Federal Reserve guidelines).
Medical
Dental
Life
Disability
Vision
Health Reimbursement Accounts
Health Savings Account
Flexible Spending Accounts
Company will make a 3% contribution to your 401K plan.
Company will make a 7% contribution to a Retirement Savings Fund Plan which is a combined total contribution of 10%.
The contribution takes place even if you choose to not personally contribute.
Roth or tax deferred investment options for personal contributions.
Paid time off provided to work with a local charitable organization.
$1,000 sign on bonus after completion of 60 days.