Patelco Credit Union
Information Security Engineer
Patelco Credit Union, Dublin, California, United States, 94568
About Patelco Credit Union:
Patelco Credit Union is a not-for-profit credit union with a purpose to build financial health and wellbeing for our members. Since 1936, Patelco has grown from $500 in assets to over $9 billion in assets and is the 7th largest credit union in California with branches throughout Northern California. We are here for our members throughout all their stages of life. Meeting them with the products and services to help them plan purposefully for their futures and to secure our life-long partnership as their trusted financial advocate. As one team, we are all committed to delivering service, empowering financial literacy, creating products, and providing new technology for our members. We believe that work should be rewarding, challenging, and enjoyable. Were dedicated to creating a positive and supportive culture where our team members can thrive. If youre looking to use your skills and knowledge to make a difference in our members lives, Patelco could be the perfect fit for you. Overview: The Information Security Engineer will be responsible for providing engineering design, analysis, and support for information security platforms and devices, routers, firewalls, networks, and operating systems, identifying relevant threats, recommending corrective actions, developing solutions for security issues, and investigating security incidents and breaches. The Information Security Engineer will help plan and carry out the organizations information security strategy and program to include developing a set of security standards and best practices for the organization, developing policy, standards and procedure, recommending security enhancements to management as needed, and developing strategies to respond to and recover from a security breach. Responsibilities: Research, design, and implements information security solutions for organization systems and products that comply with all applicable security policies and standards Works with IT and internal and external business partners to ensure that acquired hardware and software meet security requirements during evaluation, selection, installation, and configuration Analyzes and makes recommendations to improve network, system, and application architectures Examines network, server, and application logs to determine trends and identify security incidents Assists in the review and update of information security policies, architectures, and standards Assists in establishing and maintaining security configuration baselines and monitors systems for compliance Assists in responding to audits, penetration tests and vulnerability assessments Install and use software, such as firewalls and data encryption programs, to protect the organizations sensitive information. Assists computer users with installation or processing of new security products and procedures. In the event of a breach or incident, leads incident response activities for the Information Security team to minimize the impact. In the event of a breach or incident, leads a technical and forensic investigation into how the breach happened and the extent of the damage Performs risk assessments to determine our stature against specific threats in order to recommend solutions Develop and recommend policies, standards and procedures that are in compliance with statutory and regulatory requirements that cover internal and external parties, physical security systems, internet and computer systems Assisting and training the Information Security Analysts and Administrators Qualifications:
BS in Computer Science, Information Security, or a related field is highly desirable 5+ years of experience in information security, especially in a security engineering role 3+ years of past experience in a role on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC) is highly desirable Certified Information Systems Security Professional (CISSP) or equivalent required Technical expertise in network security knowledge, to include VPN, Firewall, network monitoring, intrusion detection, web server security, SIEM, NAC, PAM, IAM, CIS Security Controls, other security related applications, and wireless security Strong knowledge of common vulnerabilities and exploitation techniques Practical experience with database security, content filtering, vulnerability scanning, and anti-malware Proficiency with at least one scripting language (e.g.: Perl, Python, PowerShell) Knowledge of risk assessment tools, technologies and methods Experience designing secure networks, systems and application architectures Knowledge of disaster recovery, computer forensic tools, technologies and methods Experience planning, researching and developing security policies, standards and procedures Ability to communicate network security issues to peers and management An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business An understanding of organizational mission, values, and goals and consistent application of this knowledge Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one An ability to effectively influence others to modify their opinions, plans, or behaviors Strong understanding of PCI, GLBA and IS/IT risk assessment, the Federal Financial Institution Examination Council (FFIEC) IT examination handbooks, and National Institute of Standard and Technology (NIST) 800-53 and Cybersecurity Framework.
Target Base Pay: $115,763.35 - $141,603 / per year Compensation at Patelco: Please note that the salary information is a general guideline only. Patelco Credit Union considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as market and business considerations when extending an offer. We offer a competitive total rewards package including a wide range of medical, dental, vision, financial, and other benefits. We Offer: Physical Health: Exceptional Medical, Dental, Vision, and Life Insurance benefits Onsite fitness center at HQ and rewards for completing wellness related activities Financial Health: Competitive compensation packages with bonus opportunity 401(k) with 3% Safe Harbor and 5% employer match Discounts on loan products Tuition reimbursement Emotional Health: Employee Assistance Program (EAP) PTO for part-time and full-time positions Paid holidays Personal Development: On-the-job training and skills development Internal transfer opportunities for career growth Volunteer work Flexible work arrangements available for specific positions Patelco Credit Union is an Equal Opportunity Employer including individuals with disabilities and protected veterans IND123
Patelco Credit Union is a not-for-profit credit union with a purpose to build financial health and wellbeing for our members. Since 1936, Patelco has grown from $500 in assets to over $9 billion in assets and is the 7th largest credit union in California with branches throughout Northern California. We are here for our members throughout all their stages of life. Meeting them with the products and services to help them plan purposefully for their futures and to secure our life-long partnership as their trusted financial advocate. As one team, we are all committed to delivering service, empowering financial literacy, creating products, and providing new technology for our members. We believe that work should be rewarding, challenging, and enjoyable. Were dedicated to creating a positive and supportive culture where our team members can thrive. If youre looking to use your skills and knowledge to make a difference in our members lives, Patelco could be the perfect fit for you. Overview: The Information Security Engineer will be responsible for providing engineering design, analysis, and support for information security platforms and devices, routers, firewalls, networks, and operating systems, identifying relevant threats, recommending corrective actions, developing solutions for security issues, and investigating security incidents and breaches. The Information Security Engineer will help plan and carry out the organizations information security strategy and program to include developing a set of security standards and best practices for the organization, developing policy, standards and procedure, recommending security enhancements to management as needed, and developing strategies to respond to and recover from a security breach. Responsibilities: Research, design, and implements information security solutions for organization systems and products that comply with all applicable security policies and standards Works with IT and internal and external business partners to ensure that acquired hardware and software meet security requirements during evaluation, selection, installation, and configuration Analyzes and makes recommendations to improve network, system, and application architectures Examines network, server, and application logs to determine trends and identify security incidents Assists in the review and update of information security policies, architectures, and standards Assists in establishing and maintaining security configuration baselines and monitors systems for compliance Assists in responding to audits, penetration tests and vulnerability assessments Install and use software, such as firewalls and data encryption programs, to protect the organizations sensitive information. Assists computer users with installation or processing of new security products and procedures. In the event of a breach or incident, leads incident response activities for the Information Security team to minimize the impact. In the event of a breach or incident, leads a technical and forensic investigation into how the breach happened and the extent of the damage Performs risk assessments to determine our stature against specific threats in order to recommend solutions Develop and recommend policies, standards and procedures that are in compliance with statutory and regulatory requirements that cover internal and external parties, physical security systems, internet and computer systems Assisting and training the Information Security Analysts and Administrators Qualifications:
BS in Computer Science, Information Security, or a related field is highly desirable 5+ years of experience in information security, especially in a security engineering role 3+ years of past experience in a role on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC) is highly desirable Certified Information Systems Security Professional (CISSP) or equivalent required Technical expertise in network security knowledge, to include VPN, Firewall, network monitoring, intrusion detection, web server security, SIEM, NAC, PAM, IAM, CIS Security Controls, other security related applications, and wireless security Strong knowledge of common vulnerabilities and exploitation techniques Practical experience with database security, content filtering, vulnerability scanning, and anti-malware Proficiency with at least one scripting language (e.g.: Perl, Python, PowerShell) Knowledge of risk assessment tools, technologies and methods Experience designing secure networks, systems and application architectures Knowledge of disaster recovery, computer forensic tools, technologies and methods Experience planning, researching and developing security policies, standards and procedures Ability to communicate network security issues to peers and management An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business An understanding of organizational mission, values, and goals and consistent application of this knowledge Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one An ability to effectively influence others to modify their opinions, plans, or behaviors Strong understanding of PCI, GLBA and IS/IT risk assessment, the Federal Financial Institution Examination Council (FFIEC) IT examination handbooks, and National Institute of Standard and Technology (NIST) 800-53 and Cybersecurity Framework.
Target Base Pay: $115,763.35 - $141,603 / per year Compensation at Patelco: Please note that the salary information is a general guideline only. Patelco Credit Union considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as market and business considerations when extending an offer. We offer a competitive total rewards package including a wide range of medical, dental, vision, financial, and other benefits. We Offer: Physical Health: Exceptional Medical, Dental, Vision, and Life Insurance benefits Onsite fitness center at HQ and rewards for completing wellness related activities Financial Health: Competitive compensation packages with bonus opportunity 401(k) with 3% Safe Harbor and 5% employer match Discounts on loan products Tuition reimbursement Emotional Health: Employee Assistance Program (EAP) PTO for part-time and full-time positions Paid holidays Personal Development: On-the-job training and skills development Internal transfer opportunities for career growth Volunteer work Flexible work arrangements available for specific positions Patelco Credit Union is an Equal Opportunity Employer including individuals with disabilities and protected veterans IND123