Patelco Credit Union
Information Security Engineer
Patelco Credit Union, Dublin, California, United States, 94568
About Patelco Credit Union
Patelco Credit Union is a not-for-profit credit union with a purpose to build financial health and wellbeing for our members. Since 1936, Patelco has grown from $500 in assets to over $9 billion in assets and is the 7th largest credit union in California with branches throughout Northern California.We are here for our members throughout all their stages of life. Meeting them with the products and services to help them plan purposefully for their futures and to secure our life-long partnership as their trusted financial advocate. As one team, we are all committed to delivering service, empowering financial literacy, creating products, and providing new technology for our members.We believe that work should be rewarding, challenging, and enjoyable. We're dedicated to creating a positive and supportive culture where our team members can thrive. If you're looking to use your skills and knowledge to make a difference in our members' lives, Patelco could be the perfect fit for you.
Overview
The Information Security Engineer will be responsible for providing engineering design, analysis, and support for information security platforms and devices, routers, firewalls, networks, and operating systems, identifying relevant threats, recommending corrective actions, developing solutions for security issues, and investigating security incidents and breaches. The Information Security Engineer will help plan and carry out the organization's information security strategy and program to include developing a set of security standards and best practices for the organization, developing policy, standards and procedure, recommending security enhancements to management as needed, and developing strategies to respond to and recover from a security breach.
Responsibilities
Research, design, and implement information security solutions for organization systems and products that comply with all applicable security policies and standards.Work with IT and internal and external business partners to ensure that acquired hardware and software meet security requirements during evaluation, selection, installation, and configuration.Analyze and make recommendations to improve network, system, and application architectures.Examine network, server, and application logs to determine trends and identify security incidents.Assist in the review and update of information security policies, architectures, and standards.Assist in establishing and maintaining security configuration baselines and monitor systems for compliance.Assist in responding to audits, penetration tests, and vulnerability assessments.Install and use software, such as firewalls and data encryption programs, to protect the organization’s sensitive information.Assist computer users with installation or processing of new security products and procedures.In the event of a breach or incident, lead incident response activities for the Information Security team to minimize the impact.In the event of a breach or incident, lead a technical and forensic investigation into how the breach happened and the extent of the damage.Perform risk assessments to determine our stature against specific threats in order to recommend solutions.Develop and recommend policies, standards, and procedures that are in compliance with statutory and regulatory requirements that cover internal and external parties, physical security systems, internet and computer systems.Assist and train the Information Security Analysts and Administrators.
Qualifications
BS in Computer Science, Information Security, or a related field is highly desirable.5+ years of experience in information security, especially in a security engineering role.3+ years of past experience in a role on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC) is highly desirable.Certified Information Systems Security Professional (CISSP) or equivalent required.Technical expertise in network security knowledge, to include VPN, Firewall, network monitoring, intrusion detection, web server security, SIEM, NAC, PAM, IAM, CIS Security Controls, other security related applications, and wireless security.Strong knowledge of common vulnerabilities and exploitation techniques.Practical experience with database security, content filtering, vulnerability scanning, and anti-malware.Proficiency with at least one scripting language (e.g.: Perl, Python, PowerShell).Knowledge of risk assessment tools, technologies, and methods.Experience designing secure networks, systems, and application architectures.Knowledge of disaster recovery, computer forensic tools, technologies, and methods.Experience planning, researching, and developing security policies, standards, and procedures.Ability to communicate network security issues to peers and management.An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business.An understanding of organizational mission, values, and goals and consistent application of this knowledge.Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.An ability to effectively influence others to modify their opinions, plans, or behaviors.Strong understanding of PCI, GLBA, and IS/IT risk assessment, the Federal Financial Institution Examination Council (FFIEC) IT examination handbooks, and National Institute of Standards and Technology (NIST) 800-53 and Cybersecurity Framework.
Target Base Pay
$113,283 - $141,603 / per year
Compensation at Patelco
Please note that the salary information is a general guideline only. Patelco Credit Union considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as market and business considerations when extending an offer. We offer a competitive total rewards package including a wide range of medical, dental, vision, financial, and other benefits.
We Offer
Physical Health:Exceptional Medical, Dental, Vision, and Life Insurance benefits.Onsite fitness center at HQ and rewards for completing wellness-related activities.Financial Health:Competitive compensation packages with bonus opportunity.401(k) with 3% Safe Harbor and 5% employer match.Discounts on loan products.Tuition reimbursement.Emotional Health:Employee Assistance Program (EAP).PTO for part-time and full-time positions.Paid holidays.Personal Development:On-the-job training and skills development.Internal transfer opportunities for career growth.Volunteer work.Flexible work arrangements available for specific positions.Patelco Credit Union is an Equal Opportunity Employer including individuals with disabilities and protected veterans.
#J-18808-Ljbffr
Patelco Credit Union is a not-for-profit credit union with a purpose to build financial health and wellbeing for our members. Since 1936, Patelco has grown from $500 in assets to over $9 billion in assets and is the 7th largest credit union in California with branches throughout Northern California.We are here for our members throughout all their stages of life. Meeting them with the products and services to help them plan purposefully for their futures and to secure our life-long partnership as their trusted financial advocate. As one team, we are all committed to delivering service, empowering financial literacy, creating products, and providing new technology for our members.We believe that work should be rewarding, challenging, and enjoyable. We're dedicated to creating a positive and supportive culture where our team members can thrive. If you're looking to use your skills and knowledge to make a difference in our members' lives, Patelco could be the perfect fit for you.
Overview
The Information Security Engineer will be responsible for providing engineering design, analysis, and support for information security platforms and devices, routers, firewalls, networks, and operating systems, identifying relevant threats, recommending corrective actions, developing solutions for security issues, and investigating security incidents and breaches. The Information Security Engineer will help plan and carry out the organization's information security strategy and program to include developing a set of security standards and best practices for the organization, developing policy, standards and procedure, recommending security enhancements to management as needed, and developing strategies to respond to and recover from a security breach.
Responsibilities
Research, design, and implement information security solutions for organization systems and products that comply with all applicable security policies and standards.Work with IT and internal and external business partners to ensure that acquired hardware and software meet security requirements during evaluation, selection, installation, and configuration.Analyze and make recommendations to improve network, system, and application architectures.Examine network, server, and application logs to determine trends and identify security incidents.Assist in the review and update of information security policies, architectures, and standards.Assist in establishing and maintaining security configuration baselines and monitor systems for compliance.Assist in responding to audits, penetration tests, and vulnerability assessments.Install and use software, such as firewalls and data encryption programs, to protect the organization’s sensitive information.Assist computer users with installation or processing of new security products and procedures.In the event of a breach or incident, lead incident response activities for the Information Security team to minimize the impact.In the event of a breach or incident, lead a technical and forensic investigation into how the breach happened and the extent of the damage.Perform risk assessments to determine our stature against specific threats in order to recommend solutions.Develop and recommend policies, standards, and procedures that are in compliance with statutory and regulatory requirements that cover internal and external parties, physical security systems, internet and computer systems.Assist and train the Information Security Analysts and Administrators.
Qualifications
BS in Computer Science, Information Security, or a related field is highly desirable.5+ years of experience in information security, especially in a security engineering role.3+ years of past experience in a role on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC) is highly desirable.Certified Information Systems Security Professional (CISSP) or equivalent required.Technical expertise in network security knowledge, to include VPN, Firewall, network monitoring, intrusion detection, web server security, SIEM, NAC, PAM, IAM, CIS Security Controls, other security related applications, and wireless security.Strong knowledge of common vulnerabilities and exploitation techniques.Practical experience with database security, content filtering, vulnerability scanning, and anti-malware.Proficiency with at least one scripting language (e.g.: Perl, Python, PowerShell).Knowledge of risk assessment tools, technologies, and methods.Experience designing secure networks, systems, and application architectures.Knowledge of disaster recovery, computer forensic tools, technologies, and methods.Experience planning, researching, and developing security policies, standards, and procedures.Ability to communicate network security issues to peers and management.An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business.An understanding of organizational mission, values, and goals and consistent application of this knowledge.Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.An ability to effectively influence others to modify their opinions, plans, or behaviors.Strong understanding of PCI, GLBA, and IS/IT risk assessment, the Federal Financial Institution Examination Council (FFIEC) IT examination handbooks, and National Institute of Standards and Technology (NIST) 800-53 and Cybersecurity Framework.
Target Base Pay
$113,283 - $141,603 / per year
Compensation at Patelco
Please note that the salary information is a general guideline only. Patelco Credit Union considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as market and business considerations when extending an offer. We offer a competitive total rewards package including a wide range of medical, dental, vision, financial, and other benefits.
We Offer
Physical Health:Exceptional Medical, Dental, Vision, and Life Insurance benefits.Onsite fitness center at HQ and rewards for completing wellness-related activities.Financial Health:Competitive compensation packages with bonus opportunity.401(k) with 3% Safe Harbor and 5% employer match.Discounts on loan products.Tuition reimbursement.Emotional Health:Employee Assistance Program (EAP).PTO for part-time and full-time positions.Paid holidays.Personal Development:On-the-job training and skills development.Internal transfer opportunities for career growth.Volunteer work.Flexible work arrangements available for specific positions.Patelco Credit Union is an Equal Opportunity Employer including individuals with disabilities and protected veterans.
#J-18808-Ljbffr