Information Security Analyst

Sidney Federal Credit Union

Sidney Center, NY 13839, USA

Published: 6/14/2022

Technology

Full Time

Job Description

Here at SFCU we define our culture as one of GROWTH. Growing our member, growing our employee, and growing our organization. This is a great opportunity to join our innovative and growing SFCU team.

Reporting: Hybrid - travel to Sidney, NY required

Salary: $70,544 - $88,180

Position Summary

The Information Security Analyst plays a critical role protecting the organization's digit assets, ensuring the confidentiality, integrity, and availability of information systems. This role involves monitoring security events, identifying vulnerabilities, and implementing safeguards to defense against cyber threats.

Key Responsibilities

Information Security

Security monitoring and incident response: Investigate SIEM alerts, analyze logs, coordinate containment, and support post-incident reviews.
Regulatory compliance support: Assist with GLBA, NCUA, NIST Cybersecurity Framework 2.0, and internal audit activities.
Vulnerability management: Perform scans, validate findings, prioritize remediation, and track closure with IT teams.
Access control administration: Support access review program and review identity protection logs.
Risk assessments: Support periodic risk assessments, evaluate control effectiveness, and document mitigation plans.
Vendor security reviews: Assess third-party risk, review SOC reports, ad ensure vendors meet security requirements.
Security awareness initiatives: Deliver training, run phishing simulations, and promote a strong security culture.
Audit and reporting: Prepare documentation for audits, board reports, and regulatory examinations.

Knowledge, Skills and Abilities

Required Qualifications

3-5 years of information security experience in a financial or regulated environment
Bachelors degree in a relevant Information Technology field
Knowledge of financial regulations such as GLBA, NCUA, and FFIEC
Experience with SIEM, EDR, and vulnerability scanning tools
Understanding of networking, operating systems, and security architecture
Ability to analyze threats and recommend mitigations strategies
Strong documentation and communication skills
Attention to detail, analytical thinking, cross team collaboration and adaptability in a regulated environment

Preferred Qualifications

Security certifications such as Security+, CySA+, CEH, or CISSP associate
Experience with core banking systems and financial applications
Scripting or automation skills (Python, PowerShell)

Equal Opportunity Employer/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

Job Posted by ApplicantPro