Information Security Analyst
Pleasanton, CA

Job Description

Overview

We're here to help people in communities throughout Northern California build financially healthy lives. We do this by being attentive and partnering with our members to understand what is financially best for them. We thrive on change, and we put people first. If you're looking to use your skills and knowledge to make a difference in the lives of others, we look forward to hearing from you.

About Patelco Credit Union

Patelco is a not-for-profit credit union, serving the financial needs and aspirations of more than 300,000 members. What we earn, we return to our members in savings from lower loan rates, fewer fees, and personalized service that focuses on transparency, simplicity, and trust. Our mission remains the same as when we started in 1936, to provide products, services, education and expertise that will empower our members to rise up and achieve financial freedom.

The Opportunity

We seek to hire an Information Security Analyst that will be responsible for supporting computer network defense, to include auditing the network for vulnerabilities, identifying relevant threats, recommending corrective actions, developing solutions for security issues, and investigating security incidents and breaches.

Responsibilities

* Conducts network monitoring and intrusion detection analysis using various Computer Network Defense (CND) tools, such as Intrusion Detection/Prevention Systems (IDS/IPS), Firewalls, SIEM, NAC, Vulnerability Management tools, and Host Based Security System (HBSS), etc.
* Correlates network activity across networks to identify trends of unauthorized use
* Reviews alerts and data from sensors and documents formal, technical incident reports
* Researches emerging threats and vulnerabilities to aid in the identification of network incidents
* Analyzes data from threat and vulnerability feeds and analyzes data for applicability to the organization
* Identifies and resolves false positive findings in assessment results
* Performs compensating controls analysis and validates efficacy of existing controls
* Generates reports on assessment findings and summarizes to facilitate remediation tasks
* Provides network subscribers with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary
* Tests new computers, software, switch hardware and routers before implementation to ensure Security
* Supports the creation of business continuity/disaster recovery plans, to include conducting disaster recovery tests, publishing test results, and making changes necessary to address deficiencies
* Makes real-time decisions about incidents as they occur
* Recommends improvements to the Information Security Program to the Information Security Officer
* Plans, develops, and executes vulnerability scans of organization information systems
* Ensures compliance with all applicable configuration standards
* Manages enterprise vulnerability assessment and configuration assessment tools
* Recommends security controls and/or corrective actions for mitigating technical and business risk
* Produces vulnerability, configuration, and coverage metrics and reporting to demonstrate assessment coverage and remediation effectiveness

Qualifications

* BS in Computer Science, Information Security, or a related field is highly desirable
* 3+ years of work experience in information security, especially in a network security analyst role
* 3+ years of past experience in a role on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC) is highly desirable
* Security +, CEH, or SANS GIAC certifications are preferred

Competencies Required

* Technical expertise in analyzing threat event data, evaluating malicious activity, documenting unusual files and data, and identifying tactics, techniques and procedures used by attackers
* Technical expertise in system security vulnerabilities and remediation techniques, network and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, etc.)
* Technical expertise in security engineering, system and network security, authentication and security protocols, cryptography, and application security
* Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
* An ability to effectively influence others to modify their opinions, plans, or behaviors
* An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
* An understanding of organizational mission, values, and goals and consistent application of this knowledge

Physical Activities/Requirements

* Position is based in our Pleasanton Headquarters.

Patelco Credit Union is an EO Employer - M/ F/ Veteran/ Disability

IND123