Information Security Engineer - Remote

Company: PSCU
Location: Tulsa
Posted on: June 24, 2022

Job Description:

Join the people helping people.

For people drawn to serving others through their work, PSCU is a place to thrive, as we serve our credit union members best by taking care of each other first.

If you want to help shape an industry, challenge yourself, and invest in your own future, this is the place for you. PSCU is a highly accessible environment where you're empowered to think on your feet, work from your heart, and discover the very best version of your professional and personal self. "Our Momentum. Your Moment."

This application is the first step in seizing your moment.

This position provides analysis, troubleshooting and resolution of complex technical problems that impact the Information Security structure at data, application, service, operating system, and network levels. The Information Security Engineer will secure company systems and applications, identify potential weaknesses, assess risk and outline remediation strategies. They will monitor and analyze threats, identify potential IT security incidents, and escalate information to appropriate staff. Individual will assess vulnerability information from all sources (internal and external) and apply applicable mitigation techniques, conduct enterprise vulnerability analysis and assessments, and develop mitigation and remediation plans as a result of vulnerability assessment findings.

The Security Engineer will leverage systems and network knowledge to integrate appropriate security functions into an operational environment. They will also coordinate deployment of security technologies and processes, using structured project management methodologies for coordinating cross-functional resources, tracking project milestones, creating supporting documentation and reporting status regularly.

Essential Functions & Responsibilities

Resolve customer escalations involving phishing, malware, and anomalous network or server behavior; utilize technical and customer skills to identify security problems, policy violations and high-risk threats; use independent judgment to resolve issues in a timely manner before escalation is needed.
Maintain knowledge of the IT security industry including the awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors; recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
Maintain, modify, and enhance automated Information Security functional system tests and evaluations, risk assessments, software and hardware evaluations, access control, and other related systems; execute risk assessments and risk management planning related to the information security features of systems, networks, and related administrative activities.
Provide coordination and maintenance of disaster recovery, contingency planning, and testing that will mitigate against systems and information losses and assure a successful recovery of the systems and information.
Provide identification and analysis of information security business practice irregularities and information security inactions and violations, conduct detailed inquires, assess potential damage, monitor corrective action and recommend cost-effective preventative measures to preclude recurrences.
Perform the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing solutions in accordance with standard best operating procedures and the enterprises' security documents.
Maintain and administer the corporate security tools, including but not limited to: o Vulnerability Management o Endpoint Malware detection o Email spam gateways o Data Loss Prevention (DLP) o Firewall Monitoring o Internet Proxy o Network Malware Gateways o IPS/IDS o Splunk.
Monitor security architecture for capacity and capability; Provide technical security expertise when investigating security incidents; Provide 2nd level support for security questions and issues while supporting other security engineers.
Monitor, configure and upgrade the necessary controls and procedures to cost-effectively protect information systems assets from intentional or inadvertent modification, disclosure or destruction; monitor systems and security tools for security alerts and escalate as needed.
Update existing departmental documentation and create documentation for new processes; develop and implement information security policies, standards and procedures.
Participate in the planning and design of enterprise security architecture.
Direct staff as requested by IT Management to ensure all duties are performed according to departmental performance standards, as assigned.
Work in a team environment ensuring that departmental SLAs and other time and quality commitment KPIs are met at all times.
Perform other duties as assigned.

Requirements:

Three (3) years of experience in IT Security role with direct hands-on experience with coordinating Unix/Linux and Windows systems, complex networks, monitoring and analysis, cyber threat analysis, and vulnerability analysis required
Association with security industry groups (ISSA, ISACA, (ISC)2, ASIS) required

Bachelor's degree in Computer Science related discipline, or equivalent combination of education and experience in information technology required
Information technology or security certification required in at least one of the following: GCWN, RHCE, CCNA, CISSP, CISA, CISM, CCSP, GSE, GSNA, GSAE

Knowledge, Skills, & Abilities

Demonstrate behaviors based on PSCU values: Excellence, Innovation, Leadership, Passion, Trust, and Diversity, Equity, & Inclusion
Ability to understand and interpret technical concepts and procedures; general understanding of platform/application-specific technology, such as intrusion detection, firewalls, host-hardening, vulnerability management, encryption, patch management and shell / web scripting
Strong customer service skills with the ability to interact with all levels of personnel through verbal and written communication skills
Expertise to translate complex technical concepts into business or "common" language; ability to think and act pragmatically or "in the grey" rather than in the absolute black-and-white realm of information security
Ability to manage multiple projects, work in fast-paced environment, and meet deadlines
Experience in for performing 1st level analysis and interpretation of information from SOC systems, incident identification/analysis, escalation procedures, and reduction of false-positives
Demonstrated experience consistent with ISO 27001, ITIL and other controls that are applicable to network security monitoring/analysis, event escalation, cyber threat analysis, and vulnerability analysis
Demonstrated experience using and applying open- and closed-source resources within a corporate environment
Knowledge of authentication technologies and processes (VPN, SSL, SSH, PKI, etc.); experience implementing a manageable and scalable public key and certificate management infrastructure
Experience in monitoring, evaluating, and interpreting vulnerabilities, CVEs, remedies, mitigation measures, techniques for escalation, social engineering tactics, phishing techniques, and performing vulnerability assessments
Experience with compliance issues related to PCI DSS, SSAE16 (SAS70), SOX GCCs and financial requirements such as FFIEC, GLBA, NCUA, NACHA, etc.
Demonstrated analytical and quantitative skills
Ability to exercise discretion and good judgment in making decisions
Ability to find solutions through technical documentation, Internet searches or peer interactions
Experience using a ticketing system to create, track and manage issues
Proficiency in word processing and spreadsheet computer software applications
Ability to maintain confidentiality of materials handled
Ability to be flexible and work under high pressure in a complex environment

Pay Equity

PSCU is committed to pay equity and a competitive benefits package. The typical annual hiring range for this position based on relevant experience and internal equity is:

$60,500.00to

$88,700.00*Note: The amount shown is based on full time annual salary and would be prorated based on role.

In addition this position is eligible for an incentive plan, based on performance.

Benefits

At PSCU, everything we do recognizes the fact that our employees are our most important asset. That's why we are committed to a work/life integration that goes above and beyond to ensure that you have quality time at home with your family and/or to pursue outside interests and aspirations. We back this up with generous PTO, the opportunity to work remotely, flexible scheduling, and a management team that understands how to adjust when the unexpected curveballs of life happen.

Check out the comprehensive benefits PSCU has to offer that further solidifies our reputation as a company that just "gets it" when it comes to balancing life's planned and unplanned events while equipping you with all the tools for growth.

PSCU offers:

Beautiful, state-of-the-art campuses

Endless opportunities for advancement

Competitive wages

Generous paid time offand paid holidays

Our benefits package includes:

Medicalwith telemedicine, no-cost diabetes supply program, and expert medical opinion services

Dental and Vision

Basic and Optional Life Insurance

Company Paid DisabilityInsurance

401k (with employer match)

Health Savings Accounts (HSA) with company provided contributions

Flexible Spending Accounts (FSA)

Supplemental Insurance

Legal Plan

Pet Insurance

Adoption Assistance Plan

Mental Health and Well-being: Employee Assistance Program (EAP)

Mental health and Well-being: Virtual mental health support and resources

Tuition Reimbursement

Wellness program

Back-up child care program

Benefits are subject to generally applicable eligibility, waiting period, contribution, and other requirements and conditions.

If this position requires you, now or in the future, to perform your function or report onsite at a PSCU location or travel on behalf of PSCU, entry procedure and Covid protocols are in place that will require your adherence as a condition of employment. PSCU manages these procedures and protocols requiring your use of third party digital applications, in compliance with federal, state, and local laws.

Please Note: For roles with certain levels of travel and/or company car usage, PSCU will require a completed Motor Vehicle Report, valid driver's license, and proof of insurance at time of hire and annually.

All applications are reviewed by an AIRS Certified Diversity and Inclusion Recruiter. Learn more about our commitment to Diversity, Equity, and Inclusion HERE!

As a matter of operational management limitations and business administrative process parameters, remote position assignments at PSCU are geographically restricted to where PSCU currently operates. As a result, we are unable to proceed with applications from those state residents. Applicants are encouraged to apply for other available opportunities for which they qualify.

PSCU is an Equal Opportunity Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status , or membership in any other group protected by federal, state or local law.

PSCU is an Equal Opportunity Employer that complies with the laws and regulations set forth in the following "EEO is the Law" Poster and the "EEO is the Law" Poster Supplement. PSCU will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the legal duty to furnish information.

For positions based out of our Phoenix, Arizona location, PSCU is an E-Verify Employer. Please click here for the E-Verify Poster in English or Spanish. For information regarding your Right To Work, please click here for English or Spanish.

As an ongoing commitment to reasonably accommodate individuals with disabilities, PSCU has established alternative methods to complete the application process. Disabled applicants needing assistance are encouraged to submit resumes via our careers page submission button If further assistance is required.

Keywords: PSCU, Tulsa , Information Security Engineer - Remote, Engineering , Tulsa, Oklahoma