Senior Information Security Engineer

Location

Murfreesboro, TN | United States

Job description

Ascend is the largest credit union in Middle Tennessee and one of the largest credit unions in the United States, with over $4 billion in assets. With an occupation-based field of membership, Ascend is focused on the expansion and diversification of the select employee groups it serves, which creates greater security for the credit union and its member-owners. Approximately 650 employees serve more than 260,000 members from 27 Middle Tennessee branch locations, Regional Operations Center, Teller Center and Corporate Headquarters. Ascend recognizes that its employees are critical to the credit union’s sustained success and future growth. Our employees are the face of the credit union and their personal successes fuel the success of the team. Through collaboration between employees, management, our membership and our Board, we fuel an engine that propels the credit union forward.

Thank you for your interest in a career with Ascend Federal Credit Union! Being employed by Ascend is vastly different than just holding a job. The credit union prides itself on providing employees rewarding career opportunities, competitive benefits and a unique work culture. The credit union’s commitment to its employees is fostered by its commitment to the member-owners, ensuring dedicated and engaged employees to serve the membership. Ascend’s vision to be the most loved credit union in our market by employees and members alike has earned the credit union distinctions including Federal Credit Union of the Year (NAFCU, 2015), Best Credit Union to Work For (2016-2022) and Training APEX Awards (2015-2023).

Directly accountable for safeguarding the credit union's information assets. The role involves designing, implementing, and enforcing security protocols and procedures that mitigate risks and ensure compliance. Focus areas include vulnerability assessment, incident response, and compliance management. This responsibility will be carried out through the development of information security requirements; planning, implementing, and testing security systems; and documenting information security standards, policies, and procedures.

• Determine information security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; and identifying integration issues.
• Architect, design, and implement security controls for our infrastructure and critical systems
• Implement/manage security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing documentation.
• Verify information security systems by developing and implementing test scripts. Must ensure that all managed security service provider (MSSP) scanning tools are properly configured, adequately identifying technology assets, and alerts are properly acted upon to mitigate identified threats.
• Support security incident response activities utilizing security tools (SIEM/SOAR)
• Maintain security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses.
• Upgrade security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements.
• Prepare system security reports by collecting, analyzing, and summarizing data and trends.
• Update job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
• Serve as the information security technical lead for the credit union’s information security team. This role will be responsible for monitoring industry and regulatory trends to ensure prompt and complete action plans are developed and implemented to address these requirements.
• Serve as the primary liaison for audit activities related to the areas of information security. This will also include maintaining the credit union’s ongoing cybersecurity risk profile using the recommended industry tools, and being certain that activities which keep us aligned with our target levels are implemented.
• Read all internal publications including HUB.
• Perform other duties as required or assigned.

Education

• Four year college degree in Information Systems, Business, Computer Science or equivalent work experience

Work Experience

• 3-5 years of related work experience is required
• Demonstrable expertise in implementing, managing, and fine-tuning security controls using a variety of security tools and frameworks. Specific experience with Palo Alto firewalls and Palo Alto XSOAR for security orchestration, automation, and response (SOAR) is essential. is required
• In-depth experience with Identity and Access Management (IAM), specifically in designing and implementing IAM solutions for provisioning, de-provisioning, and role-based access controls within the organization. Familiarity with industry-standard IAM solutions and best practices is a must. is
• Familiarity with monitoring and managing security incidents, including the use of Security Information and Event Management (SIEM) tools. is
• Proven track record in working with cross-functional teams to address security and compliance challenges, specifically in a regulated financial environment. is
• Past experience in developing and implementing security policies and procedures that align with industry regulations such as PCI-DSS, NCUA, or related financial sector regulations. is
• Previous involvement in handling external and internal audits related to information security, along with remediation of identified issues is
• History of collaborating with vendors and third-party service providers to enhance the organization’s security posture. is

Knowledge, Skills, and Abilities

• Designation of a Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) preferred.
• A high level of problem-solving skills and the ability to communicate in a clear, concise manner.
• A high degree of poise and tact to represent the credit union positively when dealing with outside contacts and employees.
• Must have the skill and ability to maintain security within data networks and servers; assist with the day-to-day operation of securing networks and servers; implement LAN/WAN security protocols.
• Must be able to communicate effectively in both oral and written form and explain technical concepts in non-technical terms to staff and prepare clear and concise written communications.
• Must have the skill and ability to read, interpret and apply technical data processing manuals and related documents; keep current by reading, interpreting, and applying information on technological changes and updates; and research technical manuals and guides to respond to user questions.
• Must be able to manage multiple projects/tasks concurrently; and prioritize requests and complete assignments within an estimated timeframe; and organize, schedule, and coordinate a variety of activities and projects.
• Must have the ability to learn new software and hardware packages and adapt to changes in technology.
• Must be self-starter and be able to use own judgment to undertake activities with minimal supervision. Must be able to work independently and as a team member.
• Must be able to lift and carry boxes containing computer components, printer paper, etc.
• Regular and reliable attendance is required.

Connect with us on social media such as Facebook, Twitter, Instagram, and LinkedIn Ascend Federal Credit Union is an Equal Opportunity Employer

Job tags

Salary