TITLE: Information Security Analyst I
DEPARTMENT: Information Systems
REPORTS TO: Director of Information Security
SUPERVISES: N/A
GENERAL SUMMARY
The Information Security Analyst I is a member of the information security team and will work under the supervision of the DIS. The role will focus on the day to day monitoring of the credit union's security tools and remediation of incidents and vulnerabilities. This position is knowledgeable in standards relating to networking and Internet technologies and maintains current knowledge on software and network vulnerability trends and methods of remediation.
ESSENTIAL FUNCTIONS
Primary functions will be in IDS alert monitoring, threat hunting and vulnerability research, false positive identification and remediation projects.
-
Assist in the day-to-day triage of various incidents, security alerts and events.
-
Analysis of monthly internal and external vulnerability assessments and annual penetration testing results. Assist in the remediation of findings of all tests.
-
Review new system designs and major modifications for security implications prior to implementation.
-
Assistin evaluation of new tools such as AV, malware, system monitoring, etc.
-
Maintains up-to-date knowledge of available and emerging network, security and computer technologies through professional reading, attending industry conferences, and professional development (training, education, and participation in professional associations).
-
Reviews advisories posted through CERT, NIPC (National Infrastructure Protection Center), Center for Internet Security, SANs and FBI and recommends appropriate security improvements.
-
Assist with topics and ideas to keep security awareness training for staff updated and current.
-
Maintain current knowledge of and compliance with all Credit Union policies and procedures, including compliance with the Bank Secrecy Act and all federal laws and regulations as set forth by the NCUA and other regulatory agencies.
Note: This list of essential functions is not exhaustive and subject to change upon notice. It may be supplemented as necessary.
ADDITIONAL FUNCTIONS
-
Attend periodic staff meetings to discuss areas of improvement, changes in procedures, and new developments or services related to achieving Credit Union strategic goals.
-
Assist in training sessions aimed at increasing staff member comprehension of the credit union internal network and related systems.
-
Attend educational courses, conferences, and seminars related to areas of responsibility.
JOB SPECIFICATIONS
-
Requires 3-5 years relevant work experience or equivalent education
-
Security related certifications are a plus but not required.
-
Experience with security software, disaster recovery, firewalls, network monitoring, etc.
-
Experience in various operating systems, Windows, Linux variants
-
Some programming experience in languages such as Python, PowerShell, etc.
-
Knowledge of software tools such as Wireshark, Tcpdump, Nmap, Zeek, Snort, Kibana.
-
Basic understanding of networking protocols such as TCP/IP, DNS, HTTP/s.
-
Ability to adapt quickly to rapidly changing technology.
-
Ability to translate technical terms for non-technical persons.
-
Excellent communications (written and oral), customer service and problem-solving skills. Must maintain a highly motivated and positive work attitude.
-
Experience working and leading technical teams.
-
Strong analysis and troubleshooting skills.
PHYSICAL REQUIREMENTS
Sitting = Continuous Crawling = Occasional
Standing = Frequent Climbing = Occasional
Walking = Frequent Balancing = Occasional
Driving an automobile = Occasional Reaching Overhead = Occasional
Lifting/Carrying = Occasional Reaching Forward = Occasional
Amount of Weight = 25-50 lbs. Kneeling = Occasional
Squatting = Occasional Push/Pull = Occasional
Bending = Occasional Twisting = Occasional
