Security Analyst

Pay Range:$86,600 - $108,300

Remote Eligible: Hybrid

We offer a pay-for-performance compensation program including bonuses for all employees and a competitive benefits package. See https://www.cuofco.org/careers for a high-level overview of our benefits package and bonus offerings.

General Purpose of the Position

This position reports to the Supervisor – Information Security, will primarily help in monitoring and reporting security related information and events to the credit union’s Information Security team. The Security Analyst is expected to help maintain an enterprise-wide information security framework applying best practices to protect member financial information in all its forms. Protection of this information includes security related to physical records, internal networks, electronic data, applications and infrastructure as well as externally integrated networks and information outsourced on behalf of the credit union. The Security Analyst will closely work with IT on proposing and coordinating information systems security changes, standards, solutions and methodologies. This position will be responsible for system security documentation including security audits, certification test plans, standard operating procedures (SOPs) and audit/risk compliance plans for both new and existing information systems. The Security Analyst will also contribute towards developing and maintaining policies and procedures to frame an integrated, organization wide program for managing information security including risk management, security configuration, remote access, identity and access management, organizational security training, event/incident response/reporting, and security planning. This role will also contribute towards security adherence to meet the predetermined cybersecurity maturity level(s) of Baseline and higher as defined by the guidelines of FFIEC and NCUA.

ESSENTIAL DUTIES AND RESPONSIBILITIES (includes the following). May perform other duties as requested or assigned.

• Monitor and analyze security incidents and perform investigative activities, recommending courses of action, and determining their root cause when needed
• Review existing intrusion detection and prevention systems and develop and maintain a security reporting dashboard
• In conjunction with IT network, monitor security vulnerabilities, threats and events in network and host systems and provide a periodic written assessment
• Collaborate with key stakeholders to establish and maintain an information security risk management program
• Implements the credit union information technology strategies to handle security incidents and coordinate investigative and reporting activities
• Determines security violations and inefficiencies by conducting periodic audits
• Implements security improvements by assessing current situation; evaluating trends; anticipating requirements
• Oversee development, accuracy, and compliance with corporate security policies, standards and procedures
• Provide security awareness training and guidance to credit union staff as appropriate
• Act as the information security liaison during all audit and examination initiatives and track IT related completion of remediation activities related to independent vulnerability testing, risk analysis, security assessments and exam mitigation/controls in conjunction with Internal Audit and Risk Management
• Identify potential areas of security vulnerability and security risk; develop and implement corrective action plans for resolution of problematic issues and provide general guidance on how to avoid or deal with future similar situations
• Adhere to all Federal and State laws and regulations applicable to the credit union, including the Bank Secrecy Act and OFAC and communicate suspicious activity including systems intrusion incidents to Compliance for regulatory reporting purposes

 

Requirements

EDUCATION AND EXPERIENCE

Bachelor’s degree (B.A.) from four-year college or university in Computer Science or a related field.  Minimum of five (5) years of experience in an information technology environment.  A minimum of three (3) years as Security Analyst or Security Specialist or a like position preferred.  Problem analysis and problem resolution at both technical and functional level.  Demonstrated Technical skills in complex, highly available, secure networks and infrastructure.  Technical and business assessment skills to evaluate strategic value of IT Security systems, Security Policy and work processes to serve members and employees.

OTHER SKILLS AND ABILITIES

Experience with the most current technologies and products used in the industry (Ex: SEIM, IDS, IPS, Firewalls Etc.).

Preferred Platforms include:

• Financial Core System Management - Symitar/JHA/ProfitStars and AIX preferred
• VoIP Telecommunications Platform- CISCO Server and Voice AVVID / Telepresence preferred
• Virtual Platforms (VMware)

Additional knowledge of the following a plus:

• System Administration (Windows, Linux/Unix)
• Network Administration (Network Troubleshooting, Firewall Administration, Network Protocols, Routers, and Switches)
• IT Frameworks (ITIL, TOGAF, COBIT, ISO 27000)
• Cloud architectures (AWS, Azure, Google)
• Data Security
• Risk Assessments
• Online/Mobile Service Channel

PHYSICAL DEMANDS

While performing the duties of this job, the employee is typically required to sit for long periods.  The employee continually is required to talk or hear. The employee is occasionally required to stand, walk, stoop and reach with hands and arms. The employee will occasionally lift and/or move up to [10] pounds.  Specific vision abilities required by this job include close vision and the ability to adjust focus. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.  [Limited travel required to visit CU locations as needed] 

Core Competencies

MEMBER FOCUSED        

Creates trust by building relationships and actively discovers the right solutions for Members and peers; understands that the credit union exists as a result of Member trust and loyalty in the organization and employees; is passionate and dedicated to meeting the expectations and requirements of internal and external Members.

COOPERATION AND TEAMWORK             

Relates well to all kinds of people; builds appropriate rapport; works harmoniously with others; uses and understands diplomacy and tact; encourages collaboration; seeks opinions; is candid with peers; values working relationships. Readily puts in extra effort to accomplish important tasks.                           

DECISION QUALITY         

Understands the member’s best interest is first; demonstrates decisions which are based on creating the best possible outcome for the member; makes decisions based on a mixture of analysis, wisdom, experience, and judgment; most recommendations and decisions turn out to be correct and accurate when judged over time; sought out by others for advice and solutions.

PROBLEM SOLVING        

Uses rigorous logic and methods to solve difficult problems creating effective solutions; is resilient and will own the solution and the problem; can see hidden problems; is excellent at honest analysis; looks beyond the obvious and doesn’t stop at the first answers.

ACTION ORIENTED          

Pushes self and others to achieve the best possible results for the Member, organization and employees; proactively seeks out opportunities; raises hand, rather than waits to be asked; not fearful of acting with a minimum of planning; understands that it’s OK to make a mistake (fail forward).

ADAPTABLE                       

Learns on the fly; is a relentless, versatile and an active learner; open to change; can learn new skills and knowledge; analyzes both successes and failures for opportunities to improve; understands that different situations and levels may call for different skills and approaches; works to deploy strengths; works on compensating for weaknesses and limits.

INNOVATION

A cultural mindset that supports new ideas, fosters experimentation and drives continuous improvement to deliver member value.

Combines and brings forward ideas in unique ways to make connections between disparate ideas; willingness to explore different lines of thought and suggestions and try new ideas through experimentation, views situations from multiple perspectives; brainstorms multiple approaches/solutions to benefit members.

Credit Union of Colorado is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, veteran status, or any other characteristic protected by applicable federal, state, or local laws. 

Please note applicants can redact any information that identifies their age, birth date, or dates of schooling on either their resume or any additional materials provided.