What are the responsibilities and job description for the IT Security Analyst position at APGFCU?
SUMMARY :
Under the general direction of the VP IT Infrastructure, this position is responsible for the engineering, support, maintenance, and implementation of APGFCU’s on-premise and cloud-based IT infrastructure and cyber security tools. This includes hardware & software, cloud services acquisition, installation, configuration, and ongoing maintenance ensuring optimal performance, scalability, and security. This person will need to rely on experience and judgment to plan and accomplish corporate goals.
ESSENTIAL DUTIES AND RESPONSIBILITIES :
Systems Design and Engineering :
- Design, deploy, and maintain the credit union’s corporate on-premise and cloud infrastructure including networking, firewalls, IPS / IDS, VDI, and virtual and physical servers (Linux, Microsoft, VMware, ESXi, Azure); carry out the infrastructure maintenance and configurations for backup and disaster recovery purposes.
- Work directly with firewalls (Meraki / Palo Alto), IDS, IPS, and other security tools and infrastructure.
- Proactively monitor on-premise, IaaS, and cloud systems for performance, stability, security, and capacity management and prevent and resolve any issues.
- Use network monitoring, vulnerability management and SIEM tools to examine network traffic and identify both external and internal threats to ensure security controls meet the APGFCU infrastructure guidelines and industry best practices.
- Design and implement a multi-layer security strategy to protect APGFCU information assets.
- Implement and maintain on-premise and cloud infrastructure and security controls including enhanced detection, data loss prevention, event correlation and vulnerability management capabilities.
- Perform network troubleshooting as needed; work with 3rd party vendors and ensure continuous infrastructure availability, 24x7x365. Must be available to work after hours and be part of the on-call rotation.
- Engineer security controls on APGFCU’s infrastructure to include LANs, WANs, Firewalls and Cloud services.
- Implement and administer firmware and patch management for all IT hardware and operating systems (Linux, Windows Server, VMware; Firewalls, routers and switches).
- Design, deploy and configure security configurations such as SSO, MFA, centralized logging, DLP, and encryption to protect credit union’s information systems.
- Create scripts to automate tasks and configuration items using PowerShell and other scripting tools.
- Ensure the security and integrity of the on-premise, IaaS and cloud solutions including compliance with APGFCU, NCUA, industry standards and information security principles and best practices.
- Implement and manage internal and external vulnerability scans and penetration tests and remediate any findings.
- Implement and manage 3rd party VPNs, remote access, and MDM systems.
- Manage and perform the annual execution of disaster recovery testing and support audits and assessment activities.
- Provide security infrastructure expertise to business applications ensuring they are deployed and implemented securely.
- Serve as technical project lead on IT and corporate projects and provide technical and functional IT infrastructure expertise.
- Participate in the development of the annual IT strategic plan, review existing infrastructure security configuration, plan and make recommendations for future enhancements.
- Maintain all documentation pertaining to the network and cyber security infrastructure.
- Adhere to the established change management and turnover log.
Project Management :
Professional Development :
Other : Perform additional responsibilities as assigned.
ADDITIONAL : Responsible for completion of applicable training and compliance with federal regulations and APGFCU policies and procedures as related to the duties of this position (Bank Secrecy Act, Information Security as examples, if applicable).
KNOWLEDGE, SKILLS, AND ABILITIES :
Ability to handle day-to-day operations, troubleshooting network connectivity problems and application issues. Must be skilled in communication, human relations, problem-solving, and organization. Strong understanding of the OSI model, TCP / IP, subnetting, routing protocols (EIGRP, OSPF, iBGP), firewall technologies, VPN and remote access, core networking (WAN / LAN / DHCP / VLAN / VXLAN / IPv4 / IPv6 / QOS), encryption (SSL / TLS), scripting (PowerShell / Python), virtualization (VMware), content filtering, MDM, VDI.
QUALIFICATIONS :
EDUCATION : Bachelor’s Degree in Cyber Security or other related technical field. Experience can be credited in lieu of education. Current certification in one of the following areas is required. (CISSP, MCITP, CCNA, VMware).
EXPERIENCE : Minimum ten years of work experience in a LAN / WAN environment consisting of cyber security or in an IT security-related field required. Extensive hands-on experience with network infrastructure consisting of firewalls, IPS / IDS, SIEM, web and email filters, data loss prevention, antivirus / antimalware systems, Microsoft servers, virtualization, Linux, Cisco routers, and switches in an enterprise networking environment. Advanced knowledge of networking in a Microsoft Server domain, AD, Group Policy, MS SQL Server, IIS, Exchange, Windows networking, virtualization, SANs, vSphere, certificate-based authentication, and passwordless authentication.
PHYSICAL DEMAND : The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to stand; walk; use hands to finger, handle, or feel objects, tools, or controls; and talk or hear. The employee frequently is required to reach with hands and arms. The employee is frequently required to sit, stoop, kneel, or crouch. The employee must frequently lift and / or move up to 25 pounds, and be capable of transporting related supplies and equipment. Specific vision abilities required by this job include vision, distance vision, color vision, peripheral vision, depth perception and the ability to focus.