MSUFCU logo

Senior Information Security Analyst

MSUFCU
Full-time
Remote
$93,000 - $116,000 USD yearly

The Senior Information Security Analyst is responsible for testing, documenting, evaluating, remediating, and improving internal controls within the IT department for safety, effectiveness, and operational efficiency. The position requires collaboration with internal and external audit and examining teams, IT management, consultants, and other stakeholders to ensure compliance deliverables are met.


Work Location - This position is a remote within the Great Lakes Region (Michigan, Indiana, Illinois, Wisconsin), hybrid, or onsite role. A schedule of expected onsite and remote work days will be discussed during the interview process.


An offer of employment with MSU Federal Credit Union and affiliates is contingent upon the agreed work arrangement (onsite/hybrid/remote) and work location. MSU Federal Credit Union may or may not be able to accommodate temporary or permanent changes to work arrangements or allow employment outside the city and/or state of residency in which the new hire resides at the time of offered employment. 


Schedule - Monday-Friday 8:30am-5:00pm Eastern Standard Time 


Compensation & Benefits:



  • Salary Range: Senior Information Security Analyst - $93,000-116,000+ dependent on experience

  • 100% Company-Paid Health, Dental, Vision, Life, and Long-Term Disability Premiums

  • Up to 26 days of PTO within your first year, as well as Volunteer Time Off & 11 Paid Holidays

  • 401(k) with an immediate 2:1 Match

  • Tuition Reimbursement

  • Up to 12 Weeks of Paid Parental Leave


Essential Duties and Responsibilities


Senior Information Security Analyst: 



  • Implement, monitor, and manage advanced security technologies: SIEM, Firewalls, IPS, EDR, and other security related systems and applications.

  • Manage security configuration and operation standards for security systems and applications.

  • Assists in the development and maintenance of the Credit Union’s Information Security Program; this includes answering staff questions about security, responding to security incidents in a way that helps staff understand their role in security, and preparing materials for ongoing security knowledge transfer to staff.

  • Perform incident management/response across the enterprise and provide consistent security monitoring, response, follow-up investigation, and determination of root cause. Evaluates security alerts generated by internal systems, vendors, and other industry sources.

  • Work with credit union vendors and service providers to provide documentation for regulation compliance and adherence to applicable laws, credit union policies, and security standards.

  • Assist in the collection of system information and procedures required by internal and external audits and examinations; assist in drafting responses to audits.

  • Provide support for management and staff using security, reporting, and risk management applications and systems.

  • Assist with developing and maintaining the Credit Union’s disaster recovery plan; assist in the Credit Union’s business continuity testing as part of the Information Technology team.

  • Member of the CIRT (Computer Incident Response Team).

  • Collaborate on critical IT projects to ensure that security issues are addressed throughout the project life cycle.

  • Create and/or maintain project level documentation and policies and procedures. This includes system security plans, risk assessments, business continuity plans, change management, Visio diagrams, end-user documentation, etc.

  • Manage security configuration and operation standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems.

  • Recommend and validate baseline security configurations for operating systems, applications, networking and telecommunications equipment.



    Knowledge, Skills and Abilities Required


    Senior Information Security Analyst:



    • High school diploma or GED required.

    • A level of technical knowledge and experience normally acquired through completion of a four year program in computer science, CISSP (or other relevant certification) or equivalent education, training, and experience preferred.

    • The position requires a high level of technical knowledge and experience in network architecture, design, configuration, and implementation. Candidate should have in-depth knowledge of network routing, firewalls, intrusion detection systems, internet filtering, anti-virus technology, application security, secure email gateways and PCI and GLBA compliant environments.

    • Minimum of four years of experience in network and/or security administration is preferred.

    • Experience with multiple information technology systems: Windows Server, Windows Client Operating Systems, Mac OS, Active Directory, LINUX/AIX/UNIX, TCP/IP, LAN/WAN, VPN, and NAC.

    • Excellent problem solving and troubleshooting skills.

    • Ability to respond to and interpret security incidents, and to provide root cause analysis.

    • Experience in vulnerability testing and ability to plan and implement ongoing testing and monitoring programs and knowledge of IT operational infrastructure including business continuity.

    • Knowledge of operation risk assessment methodology, mitigation development, monitoring and reporting.

    • Proficient in MS Office products, including Word, Excel, and Visio.

    • Excellent written and verbal communication skills and the ability to discuss complex technical issues with laypersons as well as highly technical individuals.

    • Detailed knowledge and experience with systems administration, systems engineering, network engineering, network security, and network penetration testing.

    • Expert knowledge of operation risk assessment methodology, mitigation development, monitoring and reporting.

    • Experience within cloud platforms (Microsoft Azure, Amazon AWS, Google Cloud) preferred.

    • Candidate should have experience supporting network environments of 1000+ users which includes virtualization, wireless, and mobile technologies.

    • Proven ability to identify complex security exploits, threats, and vulnerabilities.

    • Contribute to the overall strategy for information security policy and configuration of security systems.



      Physical Demands and Work Environment



      • May be required to remain in a stationary position for an extended period of time.

      • Ability to operate standard office technology, equipment and tools, which may include many hours of computer and phone usage.

      • Occasionally needs to move about inside of office area

      • Exposure to potentially hazardous condition, i.e. robbery. Receives detailed instructions and procedures to be followed to minimize the exposure

      • This position is able to work in an onsite, hybrid, or remote working arrangements.


      Disclaimer


      The above statements are intended to indicate the kinds of tasks and levels of work difficulty that will be required of positions that will be given this title and shall not be constructed as declaring what the specific duties and responsibilities of any particular position shall be. It is not intended to limit or in any way modify the rights of any
      supervisor to assign, direct, and control the work of employees under his or her supervision. The use of a particular expression or illustration describing duties shall not be held to exclude other duties not mentioned that are of similar kind of level of difficulty. MSU Federal Credit Union is an affirmative-action, equal-opportunity employer.
      Reasonable accommodations may be made for individuals with disabilities to enable them to perform the essential functions of the position.

      Apply now
      Share this job
      Twitter Facebook Linkedin Email