Principal Security Analyst

REPORTS TO: MANAGER – INFORMATION SECURITY STATUS: EXEMPT JOB CODE: 4321 PAY SCALE: $94,000.00 - $98,006.00 annually GENERAL DESCRIPTION: The Security Analyst focuses on ensuring sound implementation of systems and processes aimed at effectively securing Golden 1’s information, infrastructure and member non-public financial data. It involves overseeing intrusion monitoring, assessing and mitigating any detected threats, recommending and establishing related policies and procedures, as approved. As the subject matter expert, provides internal security consultancy, as well as analyzes, supports and assists resolve system security issues and concerns to Golden 1 internal and external business environments, and others.TASKS, DUTIES, FUNCTIONS:• Conduct ongoing vulnerability management activities and access potential threats. Escalate any immediate and severe issues accordingly to the attention of the Manager – Information Security and appropriate reporting to senior leadership.• Coordinate and lead technology staff in the identification and remediation of system vulnerabilities across the computing environment.• Provide consultative support as a security subject matter expert on Golden 1 projects and initiatives.• Define and evaluate functional requirements and specifications of security systems for both internal and external business environments.• Work in conjunction with IT to ensure appropriate procedures and processes are in place and effective in the detection and prevention of system intrusions as well as in establishing and managing a functional anti-virus/malware/DLP policy.• Monitor, measure, test and report on the effectiveness and efficiency of information security controls as well as compliance with information security policies and procedures.• Administration of the following systems: IDS/IPS, Firewalls, email gateway, certificate issuance, URL filter, network management and identity access control.• Regularly review IDS/IPS/HIDS/SIEM rules, wireless rogue access point detection configuration and procedures and practices to ensure optimal effectiveness of security in the business environment.• Regularly review firewall, VPN, and web content filtering configuration and rules to ensure optimal efficiency and adherence to information security standards.• Keep management updated on outstanding issues that are not resolved in a timely manner in accordance with established escalation procedures.• Work with internal and external auditors during examinations providing support and assistance in addressing audit recommendations.• Maintain a thorough understanding of state and federal laws and regulations related to credit union compliance including bank secrecy and anti-money laundering laws appropriate to the position.• Perform other job-related duties as necessary.PHYSICAL SKILLS, ABILITIES, AND EXERTION UTILIZED IN THE PERFORMANCE OF THESE TASKS:• Effective oral and written communication skills required with a focus on troubleshooting and error identification.• Must possess sufficient manual dexterity to skillfully operate applicable computer hardware, a variety of hand tools and standard office equipment.ORGANIZATIONAL CONTACTS & RELATIONSHIPS:• INTERNAL: All levels of staff and management• EXTERNAL: Vendors, service providers, organizational groups, and other financial institutions as needed.QUALIFICATIONS:• EDUCATION: Bachelors of Science in Computer Science, Management Information Systems, Information Security Information Assurance or equivalent work experience.• EXPERIENCE:• Minimum of 5 years or more hands-on experience in the management, configuration, administration, installation, and evaluation of network (Cisco desired) or operating systems software (Microsoft, Linux desired), hardware and applications.• At least 2 years’ experience in organizational information security, information assurance or providing security consulting services.• Demonstrates working knowledge of Firewalls and Intrusion Detection/Prevention systems.• Demonstrates working knowledge of information security principles, objectives, and security system standards including but not limited to: network topology threats, vulnerabilities, segmentation, filtering, tunneling, authenticating, access control, cryptography, system and network hardening.• Demonstrates working knowledge of risk assessment methodologies, VoIP and mobile device.• Demonstrates working knowledge of business, network systems, hardware concepts, and applications including: DNS, LDAP, virtualization, Database design/hardening, E-mail/secure messaging, Data Loss Prevention, and end point protection.• Strong sense of ethics, integrity, and professionalism.• Demonstrates the ability to articulate methodologies and concepts; communicate effectively in providing technical guidance and expertise to management and other staff.• CERTIFICATIONS:• Possession of a valid California Driver’s License is required.• One of the following security certifications: CEH, Security +, SSCP, SANS GIAC, or GCIH.• One of the following technical certifications: MCP, CCNA, or equivalent.PHYSICAL REQUIREMENTS:• Prolonged sitting throughout the workday to accomplish tasks.• Availability for emergency and on-call duty 24 hours a day, 7 days a week, as needed.• Occasional travel may be required.• Lift and carry communications equipment and computer hardware weighing up to fifty pounds.• Corrected vision in the normal range required to configure, test, and troubleshoot network server hardware and data.• Hearing within normal range.• Must possess sufficient manual dexterity to skillfully operate applicable computer hardware, a variety of hand tools and standard office equipment.• May work additional work hours to accomplish tasks.LICENSES/CERTIFICATIONS:• Possession of a valid California Driver’s License is required.THIS JOB DESCRIPTION IN NO WAY STATES OR IMPLIES THAT THESE ARE THE ONLY DUTIES TO BE PERFORMED BY THIS EMPLOYEE. HE OR SHE WILL BE REQUIRED TO FOLLOW OTHER INSTRUCTIONS AND TO PERFORM OTHER DUTIES REQUESTED BY HIS OR HER SUPERVISOR THAT ARE WITHIN HIS / HER KNOWLEDGE, SKILL AND ABILITY AS WELL AS HIS / HER MENTAL AND PHYSICAL ABILITIES.#J-18808-Ljbffr