The Information Security Engineer Senior is responsible for designing, implementing and maintaining Logix technical cybersecurity controls, in alignment with business, policy and compliance requirements.
| • | Establishes foundational security capabilities as mature service offerings that allow for a seamless user experience. Initiates, coordinates and monitors progress on approved information security initiatives. | |
| • | Establishes and applies risk management principles for consistent tracking and measurement in compliance with industry standards. | |
| • | Supports governance, risk and compliance programs and leads maturity efforts including external regulator, auditor, and senior leadership information and materials. | |
| • | Assesses and analyzes employee risk due to accidental, incidental, and awareness security issues. Conducts scheduled penetration testing, simulating attacks on systems to find exploitable weaknesses. | |
| • | Engineers security solutions efficiently with a minimal technology footprint where possible while ensuring security. Researches, analyzes, and recommends security products, services and tools as needed. | |
| • | Audits identity and access methods to ensure a zero-trust framework for both production and development business application systems. | |
| • | Works with IT, business teams and vendors on security program initiatives and resolves security related issues through leadership of projects and technical implementations. | |
| • | Leads incident response, including steps to minimize impact. Conducts technical and forensic investigations into the source of exploits and the extent of impact. | |
| • | Performs forensic collection of evidence including retrieval, handling and chain-of-custody, processing and reporting with discretion and integrity. | |
| • | ||
| • | Provides consistent security guidance that enables new products and solutions to be built securely while validating and or measuring the efficiency of our security posture to include technology reviews, vulnerability assessments, and technical business risk assessments. |
Education
Minimum-4 Year / Bachelors Degree
Preferred- Graduate Degree
Experience
Minimum Years of Experience: 7
Preferred Years of Experience: 12
Comments: Must have at least 7 years information security experience preferably in the financial services industry.
| • | Expertise with endpoint security technologies (Intune, Crowdstrike EDR, Tanium UEM), and CIS operating system hardening. | |
| • | Expertise with Active Directory, Okta SSO/MFA, CyberArk PAM, Sailpoint IdentityNow and other relevant IAM technologies. | |
| • | Subject matter expertise of network security technologies, their implementation, operations and limitations, including - Firewalls (Palo Alto, Panorama), VPNs, Network IDS/IPS solutions, Network monitoring solutions (NDRs), Network Access Control solutions (Forescout), IPSec and TLS based VPNs, Email security. | |
| • | Strong understanding of networking protocols and the OSI model. | |
| • | Strong knowledge of business, network systems, hardware concepts, and applications including DNS, LDAP, virtualization, database design/hardening, e-mail/secure messaging, Data Loss Prevention, and end point protection. |
• Practice open Communication with all levels;
• Be Accountable by taking ownership of customer issues and responsibility for one’s actions;
• Foster Teamwork by cooperating and collaborating with other employees;
• Seek ways to make the workplace Fun for oneself & others;
• Conduct oneself with Integrity by being honest, trustworthy and ethical in all work activities and interactions;
• Work with a Service Orientation by having a genuine concern for the needs of one’s customers and by being friendly, professional and following through on commitments; and
• Demonstrate Humility in all interactions and remember to leave one’s ego at the door when one arrives to work.
Logix Federal Credit Union is an equal opportunity employer that does not discriminate in employment opportunities or practices on the basis of race, religion, color, sex, sexual orientation, gender identity, national origin, protected veteran or disability status, or any other status protected by law.