If you are motivated and believe in the credit union philosophy of "People Helping People," join our team!

Monitors and evaluates security incidents, system alerts, audit events, and other activity for potential threats against the Credit Union's networks and systems. Detects anomalies, malware infections, and intrusion attempts. Identifies, recommends, and executes appropriate mitigation tactics for identified threats. Ensures Information Security incidents are properly detected, documented, investigated, and resolved.

• Analyzes data from various operating systems, databases, and applications within the Credit Union. Sources and interprets data to search for threats proactively. Investigate SIEM/SOAR events as necessary; bring experience in malware analysis and network/endpoint security to respond to and resolve incidents.

• Supports the defense of the organization's information security and technological architecture through various operational and technical tasks. Ensures all cyber security monitoring systems are online, fully operational, and safeguarding compliance with security policies and standards.

• Maintains current knowledge about threat indicators, attack trends, cyber-intel, and news and reports from industry sources. Participates in the creation and maintenance of playbooks and incident response procedures. May answer inquiries or facilitate training on security threats for other associates in the workgroup and our end users.

Provides analytics and reporting that facilitates actionable cyber-intelligence within daily operations.

• Produces reports that document investigation and security incidents and the analysis results. Conveys information to the appropriate stakeholders, including internal and external business units.

Bachelor's Degree, two years of experience in Information Security, High School Diploma, or GED, and four years of experience in Information Security.

Additional Requirements:

• Experience with all aspects of Incident response, including stakeholder management.

• Familiar with several security tools and systems, including ES Splunk, Proofpoint, SentinialOne, and Remedy.

• Familiarity with MITRE ATT&CK and its application to countermeasure creation is a plus.
• Experience analyzing/dispositioning and escalating security events (systems, application, network, authentication email events)
• Experience translating threat actor techniques to building mitigations across various security technologies. This could take the form of AQL, SPL, or Regular Expressions.
• Ability to define security requirements and drive project deliverables.
• Ability to keep track of multiple incidents and ensure responses are provided in a timely fashion.
• This role requires participation in the after-hours on-call rotation. Rotations will cycle weekly.
• Desired certifications - Security+, CySA+, GCIH, GSEC, GIAC, CASP, CISSP, ITIL Foundations.

SECU provides equal employment opportunity to all qualified persons regardless of race, color, religion, age, sex, sexual orientation, gender identity, national origin, genetic information, disability, veteran status, or other classification protected by law.

Disclaimer

State Employees' Credit Union reserves the right to fill this role at a higher/lower level based on business need.