Job Type

Full-time
Description
The Sr. Information Security Analyst will safeguard LCCU's enterprise networks, systems, and applications against cyber threats. Will play a critical role in ensuring the security and integrity of LCCU's digital assets, ensuring the trust and confidentiality of LCCU's sensitive data and assets. Sr. Information Security Analyst works closely with the management, business units, and technology teams to ensure network availability, network/system security, and data security for LCCU.
Responsibilities:

• Monitor and analyze security events and incidents related to LCCU's core banking systems, applications, and networks.
• Provide network defense system architecture, installation, and configuration support by identifying, developing, and facilitating the implementation of initiatives and programs designed to enhance the security of the credit union's network and data assets.
• Identify potential threats, vulnerabilities, and breaches, and respond promptly to mitigate the impact.
• Conduct investigations and forensic analysis to determine the root cause of incidents.
• Perform regular risk assessments to identify potential cybersecurity risks and vulnerabilities in the LCCU infrastructure.
• Develop and implement risk mitigation strategies, controls, and countermeasures to protect sensitive data and ensure compliance with industry regulations and best practices.
• Ensure compliance with relevant cybersecurity frameworks, such as NIST Cybersecurity Framework.
• Collaborate with internal and external auditors to address any identified gaps or issues.
• Develop and maintain incident response plans specific to LCCU's enterprise systems and applications.
• Evaluate the security architecture of the core banking systems and applications, including network infrastructure, servers, databases, and access controls.
• Recommend and implement security controls, such as firewalls, intrusion detection systems, encryption mechanisms, and multi-factor authentication, to strengthen the security posture.
• Develop and deliver cybersecurity awareness and training programs for employees and system users. Educate staff on security best practices, phishing awareness, and incident reporting procedures to enhance the overall cybersecurity awareness within LCCU.
• Maintain accurate and up-to-date documentation of security policies, procedures, and standards related to the Information Security Program. Provide regular security reports and metrics for management and stakeholders, highlighting the status of security measures, incidents, and compliance.
• Stay abreast of the latest cybersecurity threats, trends, and technologies relevant to the financial industry. Continuously monitor and research emerging threats and vulnerabilities that may impact the LCCU, make recommendations, and implement proactive security measures to mitigate potential risks.

Requirements

• Bachelor's degree (B.S.) from a four-year college or university; at least eight years related experience and training; or equivalent combination of education and experience working with complex IT infrastructures.
• 5-7 years of Information Technology experience working in a mid-size to enterprise environment. Financial Industry is a plus.
• 3-5 years of advanced Cyber Security experience required, including knowledge of security assessment and penetration testing methodology.
• Senior knowledge of network security administration and engineering in a multisite, multilanguage environment.
• In-depth experience working with security technologies, including firewalls, IPS/IDS, NAC, EDR, proxies, and other products to secure network egress/ingress.
• Advanced knowledge of network monitoring, SEIM, and incident response/threat-hunting tools.
• Team player who can manage multiple tasks in a fast-paced environment.
• Able to travel to other locations throughout the state as needed.
• Excellent communication skills with internal team and external vendors.
• Ability to manage time with strong organizational skills and keen attention to detail.
• Proven ability to solve problems creatively and proactively.
• Ability to learn quickly and work efficiently.

The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the position.