Are you ready for an exciting career in the financial services industry? If so, Andrews Federal is the place for you! Andrews Federal is a transformative, international financial institution, proud to serve our military and communities. Our top priority remains to help our members achieve financial wellness.
With a positive workplace culture embedded in every aspect of our DNA, our organization has been certified as a Great Place to Work for 4 years. Andrews Federal offers a highly competitive compensation and benefits package to maintain a happy and healthy workforce.
As our organization continues to thrive, we seek a highly motivated workforce that is not afraid to provide innovative solutions within the financial services industry. Our leaders encourage collaboration and new ideas as we continue to serve our global membership.
Some of the perks of working at Andrews Federal include:
- 12 paid holidays a year including your birthday
- Affordable healthcare plans and Employer Paid FSA accounts
- Career development, training opportunities, career coaching, and tuition reimbursement
- Retirement plans with a competitive matching option
- Childcare stipend to help working families
PURPOSE OF POSITION
Under the direction of the Director, Cyber Security, the Security Analyst II is responsible for supporting all facets of the information and cyber security program for Andrews Federal Credit Union’s system and networks. This includes detecting, monitoring, analyzing, and resolving security incidents. The Security Analyst II is also responsible for the enforcement of security policies, and recommending changes to existing policies. This also includes ensuring that security controls utilized by Andrews Federal are properly configured to enforce policies, and detect/prevent malicious activity involving team members, contractors, third party vendors systems, and service accounts. In addition, the Security Analyst II is responsible for coordinating with departments and users to ensure business processes are secure, security controls are being utilized, and promote a security culture at Andrews Federal. The Security Analyst II also prepares for security assessments performed by third party vendors and the NCUA, and develops solutions or mitigating controls for findings and recommendations by working with IT, other departments, or with assistance from third party vendors. Any results from information security risk assessments are reviewed, and solutions/mitigating controls are developed to address the security issues affecting the organization.
The position’s essential duties include the following:
- Monitor all Andrews Federal Credit Union’s security systems, including: Perimeter Protection (Firewall, IDS/IPS, Email Gateway, etc.); Virus Protection; Spyware Protection; investigate and analyze security events/anomalies/and respond to incidents.
- Monitor logs and events for servers, firewalls, IDS/IPS, and network traffic for unusual or suspicious activity. Analyze activity and make recommendations for resolution.
- Assists in vulnerability management review, analysis, and reporting for all systems according to policy.
- Ensure that data sent to, from, and in between Andrews Federal resources is transferred securely
- Helps prepare for security audits, vulnerability assessments, and NCUA audits.
- Verifies and reports configuration of servers, routers, switches, etc., as determined by internal standards, NIST Framework, and CIS Baselines.
- Provide reports to IT management regarding security system performance, incidents, and status.
- Responsible for ensuring hardware and software life cycle terms are followed.
- Supports new security software/hardware, establishes monitoring procedures, upgrades for all security software and hardware.
- Assist with security project implementations on a timely basis.
- Provides support to Andrews Federal’s business units to ensure security measures and policies are enforced
- Works with IT application developers and database administrators to identify and address security issues and recommendations.
- Maintains documentation of security incidents, procedures, policies, etc.
- Complete special and/or continuous improvement projects as assigned (directly or indirectly).
- Analyze and report on security system and end user activity audits.
- Work with Risk Management personnel to ensure proper access control with least privilege.
- Work with Risk Management personnel and third parties in the event of a breach.
- Keep current with emerging security technologies, news/trends, and issues.
- Performs other related work as assigned and demonstrate initiative using available resources to achieve established goals.
- Remain cognizant of and adhere to Andrews Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.
REQUIRED EXPERIENCE
- BS in Computer Science, Information Technology, Engineering, or related field.
- Minimum of 3 years of relevant IT Security technical experience.
- Knowledge of network transport protocols, routing protocols, and switching protocols.
- Knowledge of security methodology, risk assessment process, and incident response procedures; experience with network security appliances such as firewalls, IDS/IPS, DLP, SIEMs, routers/switches, etc.
- Must possess strong skills in Word, Excel, latest version of Windows Operating Systems and Windows Servers, Microsoft Project, and other software as needed.
- Familiarity with project planning methodology and willingness to work in a team environment to complete projects in a timely fashion.
- Must work independently on broad assignments and be capable of making decisions both involving projects as well as ongoing troubleshooting.
- Must work effectively with the Information Technology staff to negotiate equitable and reasonable division of duties.
- Highly motivated and have strong customer focus with the ability to interface with all levels of staff.
- Strong presentation skills which may be used to document analysis and deliver technical presentations to customer teams in an articulate and effective manner using a variety of media (visual, written and oral).
- Experience working with financial institutions such as credit unions preferred.
PHYSICAL REQUIREMENTS
Requires the ability to sit for extended periods of time, reviewing and analyzing data. Must be able to use general office equipment to include a computer terminal, 10 key calculator, fax machine, telephone and automated dialing collection system. Ability to lift and/ or move up to 25 pounds.
In accordance with the Americans with Disabilities Act, it is possible that requirements may be modified to reasonably accommodate disabled individuals. However, no accommodations will be made which may pose serious health or safety risks to the employee or others or which impose undue hardships on the organization.