Information Security Analyst

Publix Employees Federal Credit Union (PEFCU) was established over 60 years ago to provide financial services with lifetime value to Publix Super Markets, Inc. employees and their families.

PEFCU Benefits/Perks

• Medical, Dental and Vision insurance plans with one option at NO cost for employee only coverage!
• HUGE contributions toward dependent premiums!!
  
  

Generous Paid Time Off program (approximately 3 weeks a year) 11 paid holidays per year 401(k) retirement plan and profit sharing Pay for performance incentive programs Time off for giving back to your community! Tuition reimbursement And much, much more!!!

We are committed to improvement, driven by feedback, and focused on organizational growth. We expect and demonstrate our values (Caring, Inclusive, Transparent, Innovative, and Accountable) every day, creating an environment where all associates can add value and feel valued.

Find your value here as a…

Information Security Analyst

The Information Security Analyst plays a key role in maintaining and enhancing PEFCU’s Information Security Program. This role monitors security tools and systems, assists with vulnerability and patch management, supports incident detection and response, and contributes to Business Continuity Planning (BCP) and Business Impact Analysis (BIA) development. The analyst ensures the security and resilience of PEFCU systems, protects member data, and supports compliance with GLBA, NCUA/FFIEC guidance, and internal policies. This role works closely with IT, vendors, and business units to strengthen overall cybersecurity posture.

What you will do…

• Monitor and analyze security events and alerts across SIEM, IDS/IPS, EDR, WAF, email security, and other security platforms to identify and respond to potential threats.
• Conduct initial triage of security incidents and escalate issues based on defined incident response procedures.
• Assist in the development, tuning, and optimization of SIEM and security monitoring rules to enhance detection capabilities and reduce false positives.
• Perform vulnerability scanning, identify security gaps, support remediation tracking, and coordinate with IT teams to validate the deployment of required patches and updates.
• Maintain and enhance dashboards and reports for vulnerabilities, patch compliance, and security events for leadership, auditors, and regulators.
• Support Business Continuity Planning (BCP) efforts, including documentation updates, scenario reviews, and coordination with business units.
• Assist in the development and maintenance of the Business Impact Analysis (BIA), including gathering process information, identifying critical functions, and documenting recovery time objectives (RTO/RPO).
• Support Disaster Recovery (DR) testing activities and track remediation of identified gaps.
• Assist with security risk assessments, vendor reviews, and assessments aligned with NCUA/FFIEC requirements and PEFCU policy.
• Participate in the enhancement and documentation of information security policies, standards, and procedures.
• Support access control reviews, badge access administration, and logical/physical access monitoring in coordination with Facilities and People & Culture.
• Assist with security awareness and phishing simulation initiatives, including reporting, analysis, and program improvement.
• Maintain security logs, evidence records, and documentation to support audits, exams, and internal assessments.
• Monitor cybersecurity trends, threats, and industry developments to support continual improvement of the Information Security Program.
• Provide IT, business units, and leadership with clear, actionable communication related to cybersecurity risks, incidents, and best practices.
• Maintain professional and technical knowledge by attending webinars, training sessions, and reviewing publications related to cybersecurity, BCP/DR, and resilience.
  
  

What you need…

• 3 years of experience in information security, cybersecurity, or related IT security role.
• Associate degree in Information Technology, Cybersecurity, Computer Science, or related field; or an equivalent combination of education and experience.
• Hands-on experience with:
• SIEM platforms such as Microsoft Sentinel or Rapid7
• Vulnerability management tools (Rapid7, Qualys, Tenable)
• Endpoint protection/EDR solutions (e.g., Defender, CrowdStrike, etc.)
• Firewalls, IDS/IPS, VPNs, and WAF technologies
• Patch management and system hardening
  
  

Understanding Of Security Frameworks And Regulatory Requirements Including

• GLBA
• NCUA/FFIEC
• NIST Cybersecurity Framework
• CIS Controls
• ISO 27001
  
  

Familiarity with Business Continuity Planning, Disaster Recovery, and BIA development. Strong analytical skills with the ability to assess risks, identify patterns, and recommend resolutions. Ability to interpret and analyze security logs from multiple data sources. Strong communication skills with the ability to explain technical concepts to non-technical stakeholders. Ability to work effectively across departments and collaborate with IT, Facilities, People & Culture, vendors, and auditors. Strong proficiency in Microsoft 365, especially Excel for reporting and trend analysis. Ability to manage competing priorities, incidents, and tasks in a fast-paced environment. High attention to detail, accuracy, and documentation quality. Demonstrated integrity, professional ethics, and commitment to confidentiality. Ability to work under pressure, meet tight deadlines, and remain calm during incident situations.

What’s In It For You…

• Competitive pay
• Pay for performance incentive program
• Medical, Dental and Vision insurance plans with one option at NO cost for employee only coverage!
• Stellar benefits/perks
• Work/life balance
  
  

Apply now!