Sr. Information Security Engineer

Company: PSCU
Location: Saint Petersburg
Posted on: June 5, 2021

Job Description:

Join the people helping people.

For people drawn to serving others through their work, PSCU is a place to thrive, as we serve our credit union members best by taking care of each other first.

If you want to help shape an industry, challenge yourself, and invest in your own future, this is the place for you. PSCU is a highly accessible environment where you’re empowered to think on your feet, work from your heart, and discover the very best version of your professional and personal self. “Our Momentum. Your Moment.”

This application is the first step in seizing your moment.

This position provides advanced analysis, troubleshooting and resolution of complex technical problems that impact the Information Security structure at data, application, service, operating system, and network levels. This role will secure company systems and applications, identify potential weaknesses, assess risk and outline remediation strategies. You will monitor and analyze threats, identify potential IT security incidents, and escalate information to appropriate staff. You will assess vulnerability information from all sources (internal and external) and apply applicable mitigation techniques, conduct enterprise vulnerability analysis and assessments, and develop mitigation and remediation plans as a result of vulnerability assessment findings.
The Sr. Security Engineer will leverage systems and network knowledge to integrate appropriate security functions into operational environment, using innovative scripting techniques. You will also coordinate deployment of security technologies and processes, using structured project management methodologies for coordinating cross-functional resources, tracking project milestones, creating supporting documentation and reporting status regularly.

Essential Functions & Responsibilities

Resolve customer escalations involving phishing, malware, and anomalous network or server behavior; utilize technical and customer skills to identify security problems, policy violations and high-risk threats; use independent judgment to resolve issues in a timely manner before escalation is needed Maintain knowledge of the IT security industry including the awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors; recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security Maintain, modify, and enhance automated Information Security functional system tests and evaluations, risk assessments, software and hardware evaluations, access control, and other related systems; execute risk assessments and risk management planning related to the information security features of systems, networks, and related administrative activities Provide leadership in the coordination and maintenance of disaster recovery, contingency planning, and testing that will mitigate against systems and information losses and assure a successful recovery of the systems and information Provide leadership in the identification and analysis of information security business practice irregularities and information security inactions and violations, conduct detailed inquires, assess potential damage, monitor corrective action and recommend cost-effective preventative measures to preclude recurrences Perform the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing solutions in accordance with standard best operating procedures and the enterprises’ security documents Maintain and administer the corporate security tools Monitor security architecture for capacity and forecast for future system growth and capability; Provide technical security leadership when investigating security incidents; Provide 3rd level support for security questions and issues while supporting other security engineers; Architect and design security solutions with minimal oversight Monitor, configure and upgrade the necessary controls and procedures to cost-effectively protect information systems assets from intentional or inadvertent modification, disclosure or destruction; monitor systems and security tools for security alerts and escalate as needed Update existing departmental documentation and create documentation for new processes; develop and implement information security policies, standards and procedures Participate in the planning and design of enterprise security architecture Mentor and coach Security Analysts and Security Access Administrators in the completion of their day-to-day responsibilities, as assigned Direct staff as requested by IT Management to ensure all duties are performed according to departmental performance standards, as assigned Work in a team environment ensuring that departmental SLAs and other time and quality commitment KPIs are met at all times Perform other duties as assigned

Experience

Five (5) years of experience in IT Security role with direct hands-on experience with administering Unix/Linux and Windows systems and complex networks Five (5) years in an IT security role with programming and testing information security systems, IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis required

Education

Bachelor’s degree in Computer Science related discipline, or equivalent combination of education and experience in information technology required Information Security certification in at least one of the following required: CISSP, CISA, CISM, CEH, CCSP Information technology certification in at least one of the following preferred: MCSE, CCNA, RHCSA, RHCE

Knowledge, Skills, & Abilities

Demonstrate behaviors based on PSCU values: Excellence, Innovation, Leadership, Passion and Trust Ability to understand and interpret technical concepts and procedures; general understanding of platform/application-specific technology, such as intrusion detection, firewalls, host-hardening, vulnerability management, encryption, patch management and shell / web scripting Strong customer service skills with the ability to interact with all levels of personnel through verbal and written communication skills Expertise to translate complex technical concepts into business or “common” language; ability to think and act pragmatically or “in the grey” rather than in the absolute black-and-white realm of information security Ability to manage multiple projects, work in fast-paced environment, and meet deadlines Experience in for performing 1st level analysis and interpretation of information from SOC systems, incident identification/analysis, escalation procedures, and reduction of false-positives Demonstrated experience consistent with ISO 27001, ITIL and other controls that are applicable to network security monitoring/analysis, event escalation, cyber threat analysis, and vulnerability analysis Demonstrated experience using and applying open- and closed-source resources within a corporate environment Thorough knowledge of authentication technologies and processes (VPN, SSL, SSH, PKI, etc.); experience implementing a manageable and scalable public key and certificate management infrastructure Experience in monitoring, evaluating, and interpreting vulnerabilities, CVEs, remedies, mitigation measures, techniques for escalation, social engineering tactics, phishing techniques, and performing vulnerability assessments Experience with compliance issues related to PCI DSS, SSAE16 (SAS70), SOX GCCs and financial requirements such as FFIEC, GLBA, NCUA, NACHA, etc Demonstrated excellent analytical and quantitative skills Demonstrated excellent analytical and quantitative skills Ability to find solutions through technical documentation, Internet searches or peer interactions Experience using a ticketing system to create, track and manage issues Proficiency in word processing and spreadsheet computer software applications Ability to maintain confidentiality of materials handled Ability to be flexible and work under high pressure in a complex environment

All applications are reviewed by an AIRS Certified Diversity and Inclusion Recruiter. Learn more about our commitment to Diversity, Equity, and Inclusion HERE!

PSCU is an Equal Opportunity Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status or membership in any other group protected by federal, state or local law.

PSCU is an Equal Opportunity Employer that complies with the laws and regulations set forth in the following "EEO is the Law" Poster and the "EEO is the Law" Poster Supplement. PSCU will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the legal duty to furnish information.

For positions based out of our Phoenix, Arizona location, PSCU is an E-Verify Employer. Please click here for the E-Verify Poster in English or Spanish. For information regarding your Right To Work, please click here for English or Spanish.

As an ongoing commitment to reasonably accommodate individuals with disabilities, PSCU has established alternative methods to complete the application process. Disabled applicants needing assistance are encouraged to submit resumes via our careers page submission button If further assistance is required.

Keywords: PSCU, St. Petersburg , Sr. Information Security Engineer, Other , Saint Petersburg, Florida