R

Information Security Analyst

Randolph-Brooks Federal Credit Union
Full-time
On-site
San Antonio, United States

Job Description and Requirements

The Information Security Analyst performs tasks to implement and maintain the data security controls that are mandated by policies and regulations. Works closely with the Director of Security Operations to identify and recommends opportunities to implement, enhance, develop, and strengthen the IT Security Team.  Research security vulnerabilities, implement security controls, configuration changes, patches and needed updates to resolve IT security issues. 

Essential Functions and Responsibilities:

  • Plan, coordinate and implement operating system, hardware and software security updates.

  • Maintain knowledge of current information security regulations and laws effecting the credit union’s records, processes, products and systems.

  • Works with IT department and members of the information security team to identify, select and implement technical control.

  • Keep up to date with latest security threats and vulnerabilities.

  • Reports findings concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance.

  • Assists security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems.

  • Develops and validates baseline security configurations for operating systems, applications, networking and telecommunications equipment.

  • Assists IT staff in the resolution of security incidents and events.

  • Collaborates on IT projects to ensure that security issues are addressed throughout the project life cycle.

  • All other duties as assigned (note: essential functions and responsibilities may change or new ones may be assigned at any time with or without notice).

Requirements:

  • One to three years of technical information security experience performing tasks as described in the job description AND/OR three years hands on Windows or Linux system advanced administration and or SIEM, end point protection systems, vulnerability management systems, malware detection and remediation processes  

  • Secure coding knowledge desired 

  • Knowledge of computer system services, patch management software, mobile device management, 3rd party patch management software, end point protection systems, data loss prevention systems, vulnerability management systems, firewalls, proxies, malware detection and remediation processes

Skills and/or Certifications/Licensing:

  • Prefer relevant security certifications such as CompTIA Security+, CompTIA Linux+ or vendor related certifications from Microsoft or Cisco

All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status.