What are the responsibilities and job description for the ISO Security Analyst position at APGFCU?
APGFCU - Your Community Credit Union! For over 80 years, APGFCU has shared our financial experience and provided valuable products and services to build stability and financial independence, one member at a time. We are looking for those who want to join this movement and become a part of a growing organization. We offer competitive pay and great benefits.
Summary:
Under the direction of the Information Security Officer, the ISO Security Analyst - Risk Management will work proactively with departments, key decision makers and management to determine adequate and efficient security risk reduction strategies and establish acceptable levels of residual security risk for the Credit Union. This position will plan and conduct risk assessments and recommend improvements and security measures to protect the organization's operations, computer network and systems. The analyst also monitors external and internal security alerts and suspicious activity, and conducts security risk assessments according to established guidelines and procedures.
Essential Duties and Responsibilities:
Risk Management Duties
- Complete Enterprise Risk Assessments (ERAs) and generate periodic risk metrics, dashboards, and trend analysis for management and leadership.
- Maintain an automated risk assessment system to document and maintain the Enterprise Risk Assessments.
- Coordinate with business line owners, Compliance, Internal Audit, and Information Technology in completing ERAs to identify risks and internal controls, evaluate inherent and residual risk to the Credit Union associated with projects and processes, and facilitate appropriate mitigation of significant risks.
- Communicate effectively with all risk assessment stakeholders in a timely manner regarding information requests, risk assessment workshops and questionnaires, risk evaluations, control design evaluations, periodic updates to documented risk assessments, and other work necessary to maintaining a strong risk management program.
Security Duties
- Monitor the organization's networks for indicators of compromise and potential breaches, and investigate issues as they are identified.
- Monitor threat alerts from groups including FS-ISAC, US-CERT, SANS and DHS. Analyze the environment for vulnerabilities and risks related to new threats.
- Monitor information security systems, including, but not limited to: vulnerability scanners, Security Event Management (SEM) systems, antivirus, and Web and email security.
- Investigate and prepare reports that document security breaches and the extent of the damage caused by the breaches.
- Conduct penetration testing and risk assessments, simulating attacks to look for vulnerabilities in systems before they are exploited.
- Research the latest information technology (IT) security trends, security standards and best practices for the organization.
- Recommend changes to the Information Security Program (ISP) based on needs and/or information security best practices.
- Recommend information technology security enhancements to management or senior information technology staff.
Documentation & Reporting:
- Prepare and file security audit reports, and communicate with management as needed, under the direction of the Information Security Officer and the Senior Vice President of Security Fraud.
- Maintain department logs and statistics, providing standard reports as scheduled and ad hoc reports as needed.
Confidentiality: Always safeguard and treat as confidential all information acquired in the performance of duties; never disclose information to anyone except as necessary in the course of normal business activities for the credit union; never use any information obtained in a manner adverse to the interest of the credit union and its members. Information released outside of the department must be approved prior to the release.
Professional Development: Remain current and be knowledgeable of all aspects of local, state and federal privacy and cyber security laws that may affect the credit union. Maintain any current audit and/or cybersecurity professional certifications.
Other: Performs other related duties as assigned.
Additional: Responsible for completion of applicable training and compliance on federal regulations and APGFCU policies and procedures as related to the duties of this position (Bank Secrecy Act, Information Security as examples, if applicable).
Qualifications:
EDUCATION: Associate's degree required; Bachelor's Degree in Information Security preferred. Experience can be credited in lieu of education.
EXPERIENCE: Two to five years' experience in a security-related role, such as a security analyst or a systems administrator. A security certification such as CISSP, CISM, CEH, CISA, or Security+ is preferred, but not required.
KNOWLEDGE, SKILLS AND ABILITIES: Requires excellent oral, written, and organization skills. Must be able to appropriately handle information and situations of a sensitive and confidential nature. Produces accurate and grammatically correct reports in a timely manner. Must have the ability to work independently toward strategic business results and be part of a team. Requires the ability to handle multiple priorities in a fast-paced environment, with detail orientation. Must be proficient in Microsoft applications and security systems in a Windows environment. Must become and remain proficient with software systems applicable to the credit union to include, but not limited to, O365 and core system software.
PHYSICAL DEMANDS: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The employee must occasionally lift and/or move up to 30 pounds.
TRAVEL: Vehicle required. Position requires travel to various branch and offsite locations.
HOURS: Hours may vary; may require nights and weekends as needed.
APGFCU is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability or Protected Veteran status. Please use the attached link to view the EEO law poster http://www1.eeoc.gov/employers/poster.cfm
APGFCU is committed to working with and providing reasonable accommodations to persons of all abilities, including persons with disabilities. If you need a reasonable accommodation for any part of the employment process, please send to the Human Resources Department and let us know the nature of your request and your contact information. Reasonable accommodations are considered on a case-by-case basis. Please note that only inquiries concerning a request for reasonable accommodations will be responded to from this e-mail address.