STCU is a growing regional credit union that is consistently rated one of the top-performing credit unions in the nation, and we have been named as one of Fortune Magazine’s Great Places to Work. We look for employees who have a strong desire to serve others, are lifelong learners, are committed to working hard, have a fun-loving attitude, and who want to make a difference in our members’ lives. We love people who share our passion for integrity, service, innovation, education, people, and celebration.

STCU offers excellent benefits:

• Paid time off
• Ten paid holidays
• Health plan – medical, prescription drug, dental, and vision
• Short-term disability insurance
• Life insurance and long-term disability insurance
• 401(k) retirement savings plan
• Training and development programs
• Semi-annual success sharing plan

The Information Security Analyst is responsible operational and continuous monitoring of information security events at STCU. This role will provide efficient and effective deployment and maintenance of filtering devices, network taps, log aggregators and policy enforcement modules that support the STCU information security program goals and objectives.

Principal Accountabilities
Security Infrastructure Performance, Availability, Reliability

• Manage and monitor security solutions that meet the organizational goals and objectives.
• Perform periodic vulnerability assessments, penetration tests, and security audits; and provide reports for review and corrective action.
• Establish and maintain configurations of security solutions per industry best practices and STCU security standards.
• Participate in the planning and design of enterprise security architecture.
• Participate in the deployment, integration and initial configuration of new security solutions or enhancements to existing security solutions.
• Assess and communicate security risks associated with system purchases or organizational practices.
• Promote the ongoing integration of information security with business strategies and requirements.
• Participate in the development, publishing, and maintenance of comprehensive organizational information privacy and security plans, policy, guidelines and procedures.
• Prioritize and resolve security related Help Desk requests.
• Maintain up-to-date and detailed knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
• Maintain, develop, and review new and existing system related metrics to evaluate performance and utilization against defined baselines.
• Provide input for budget requests for continued maintenance and new technologies that would improve organization effectiveness and information security.

Incident Response and Monitoring

• Monitor STCU security solutions 24X7 for efficient and effective operations.
• Review comprehensive logs and reports for STCU systems to detect and identify potentially malicious behavior or indications of potential compromise within the enterprise.
• Perform incident response to contain, investigate, and prevent future computer security breaches.
• Monitor, investigate, resolve and maintain reporting for incident responses.

Compliance, Security Program and Disaster Recovery

• Participate in the creation and delivery of information security awareness and training initiatives to educate STCU staff and ensure consistently high levels of compliance with enterprise security policies and practices.
• Demonstrate testing methodologies to validate documentation and recovery process capabilities and provide written test results for required testing time frames.
• Adhere to security procedures and fraud controls to protect members, staff, and assets.

Knowledge, Skills and Abilities

• Bachelor’s Degree in Computer Science or related field is required. At least five years’ experience in network systems and/or security or an equivalent combination of education and experience may be considered lieu of the degree requirement.
• Familiarity with application and operating system hardening, vulnerability assessments, security audits, penetration testing, TCP/IP and UDP operation and analysis, intrusion prevention systems, firewalls, VPNs, and other security control systems.
• Strong understanding of various operating system implementations including Windows, Linux, and virtualization technology.
• Ability to utilize programming techniques to perform analysis and computation when developing solutions and increasing security analysis efficiencies.
• Ability to weigh business risks and enforce appropriate information security measures.
• Demonstrated familiarity using packet analyzers for technical troubleshooting and security analysis.
• Ability to actively participate in meetings, interviews and presentations with all levels of staff in the credit union.
• A demonstrated ability to quickly establish rapport on a professional level.
• Demonstrated ability to think, plan and implement with a strategic focus.
• Strong written and verbal communication skills.
• Strong interpersonal skills required, including maintaining positive relationships and excellent customer service skills.
• Ability to work effectively and collaboratively in a diverse work group, as well as independently with minimal supervision.
• Ability to adapt to changes and prioritize and manage competing demands.
• Ability to read, analyze and interpret data and understand and communicate complex and diverse information, and effectively present information and respond to questions from groups of managers, clients, and the general public.
• Ability to solve medium to complex problems and deal with a variety of situations exercising flexibility and sound judgment in a fast-paced environment.
• Ability to make practical and timely decisions and explain reasoning behind decisions.
• Strong work ethic required, including the ability to complete duties on time, consistently arrive at work on time as scheduled, and ability to work flexible and/or extended hours, weekends, overtime, and to be on-call within a one hour response time as needed. 

Physical Abilities

• Must be able to regularly talk, hear, and operate a computer keyboard and mouse.
• Occasionally lift, pull/push, and carry up to 25 pounds.

Work Environment

• Exposure to constant or intermittent sounds at a low or moderate level consistent with an office setting.
• Exposure to high-stress, fast-paced, deadline-oriented environment.

Please review our website for more information at www.stcu.org/careers.