Sr. Information Security Analyst

About The Position

Requirements

• Bachelor’s degree required in Information Security, Computer Science, or related field.
• A minimum of 3-5 years of related experience in Information security functions.
• Information security certifications Security+ or equivalent.
• Experience with industry affiliations such as Information Systems Audit Control Association (ISACA), Information Systems Security Association (ISSA), Financial Service-Information Sharing and Analysis Center (FS-ISAC).
• Proven experience in Project Management.
• Knowledge of managing security and technology controls.
• Skill with building and executing Information security programs.
• Experience with security incident response process and program.
• Know-how to perform risk analysis activities.
• Advanced problem-solving skills in detecting errors, system problems, and transforming functional requirements into technical solutions.
• Excellent analytical, detail, communication, presentation and interpersonal skills.
• High attention to detail.
• Ability to receive and maintain confidential information.
• Ability to work independently under minimal supervision.

Responsibilities

• Serving as a Project Manager for risk assessments, pen tests, new security tool implementations and recommendations/findings remediation.
• Supervising external consultants or vendors performing security audits and technical assessments.
• Compiling detailed management reports and presentations to translate technical risks into business-level insights for senior leadership.
• Administer and maintain cybersecurity training for all staff, educating employees on phishing, social engineering tactics, and acceptable use policies to mitigate insider threats.
• Assist with implementing and maintaining Information security program deliverables.
• Assist with directing the program components for Information security incident response plan activity.
• Perform regulatory compliance support and analysis activity in meeting National Credit Union Administration (NCUA) and Federal Financial Institutions Examination Council (FFIEC) regulatory compliance obligations.
• Actively participate in third party IT audits, IT Reviews, and IT risk assessments.
• Assist with annual updates and maintenance of the Business Continuity Plans and BIA.
• Assist with the annual Vendor reviews.
• Support Business Leaders in performing IT security risk assessments for technology and vendors.
• Assist in managing the development and maintenance of SAG-AFTRA FCU’s information security program.
• Participate in ongoing assessments to periodically re-evaluate security of SAG-AFTRA FCU’s systems, foreseeable risks, and mitigation strategies.
• Notify the appropriate personnel of any suspected incidents in a timely manner and assist in the investigation of incidents as necessary.
• Report directly to the CIO on status of IT related audit remediation items and matters involving IT Audits, assessments, and findings.
• Provide support for security reviews of new and existing systems.
• Collaborate with IT and Business units on annual IT risk assessments and remediation.
• Recommend specific improvements to security and internal controls and follow up on all recommendations.
• Coordinate with internal and external vendors to conduct periodic vulnerability scans and penetration tests.
• Work with IT staff to remediate any discovered issues and report progress to the CIO.
• Assist as a liaison between Gladiator and SAFCU, participating in quarterly services reviews, reviewing incidents opened by Gladiator, and reviewing Gladiator reports.
• Other duties as assigned by management.

Benefits

• Competitive pay
• Subsidized health care including medical, dental and vision
• FSA and HSA
• Company paid Life insurance
• Vacation and Sick time
• Holidays
• 401K Retirement Savings Plan