Information Security Analyst

About The Position

Requirements

• Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related field, or an equivalent combination of education and experience.
• 3 - 5 years of experience in information security, IT operations, or a related technical role.
• Hands-on experience with security tools such as vulnerability scanners, endpoint protection, and log monitoring/SIEM platforms.
• Experience supporting audits, regulatory examinations, penetration tests, or compliance activities in a regulated environment (financial services experience preferred).
• Working knowledge of information security principles, risk management concepts, and common control frameworks.
• Understanding of regulatory expectations applicable to credit unions or other regulated financial institutions (e.g., NCUA, FFIEC, GLBA).
• Ability to analyze technical findings and clearly document security issues, associated risks, and remediation actions.
• Strong attention to detail with the ability to manage multiple tasks, priorities, and follow-up activities.

Responsibilities

• Monitor security tools, logs, and reports (e.g., endpoint protection, vulnerability scanners, SIEM, firewall logs) to identify, investigate, and respond to alerts, anomalies, and potential security incidents.
• Perform initial triage, analysis, and documentation of security events; escalate incidents in accordance with the Incident Response Plan and established procedures.
• Coordinate and support ongoing vulnerability scanning activities, including internal, external, and authenticated scans.
• Review vulnerability scan results, validate findings, prioritize risk, and implement or coordinate remediation activities to completion in accordance with established standards and change management procedures.
• Execute and support patch management activities by reviewing patching reports, identifying gaps, and applying or coordinating remediation, and validating the timely remediation of security vulnerabilities.
• Assist with internal and external audits, regulatory examinations, and penetration tests by gathering evidence, responding to requests, and tracking findings.
• Help coordinate remediation efforts for audit, examination, and penetration test findings, including documentation of corrective actions and validation of closure.
• Maintain organized records and evidence demonstrating the ongoing operation of security controls.
• Support the execution of the Credit Union’s Information Security Program and Governance Plan, including recurring security reviews and control activities.
• Assist with security risk assessments, control testing, and periodic reviews (e.g., access reviews, firewall reviews, vulnerability scope reviews).
• Help maintain and update security-related documentation, procedures, and standards in alignment with regulatory expectations and organizational policies.
• Work closely with the virtual CISO (vCISO) and supporting security team, as well as internal Network Team to address security issues and implement recommended controls.
• Provide security guidance and support to IT staff and business units related to secure configurations, data protection, and incident response.
• Independently remediate security vulnerabilities and configuration issues within defined authority, escalating only those items that require broader approval, elevated risk acceptance, or cross-team coordination.
• Interact with third-party vendors and service providers on security-related matters as directed.
• Stay current with emerging security threats, vulnerabilities, and industry best practices relevant to financial institutions.
• Participate in after-hours or on-call activities as required to support security incidents, maintenance, or critical events.

Benefits

• Benefit Package for all Full time employees includes health, dental, vision, Life insurance benefits
• 401(K) and profit sharing
• Tuition Reimbursement
• Career Advancement and development
• Credit Union Membership with discounted services and products