Information Security Administrator - Long Term Contract
Closing Date: Dec. 13, 2019
Elevations Credit Union
Boulder - Boulder County
Competitive Compensation Package
When joining Elevations, you can expect to work for a company that:
Provides amazing experiences and creates raving fans.
Strives to provide solutions for a better life and promises employees it will be the best place they have ever worked.
Wins awards such as “Best Bank”, “Best Companies to Work for in Colorado” and even the “Malcolm Baldrige National Quality Award”, the only Presidential award for quality.
Has a highly-engaged workforce and emphasizes career growth, empowerment and servant leadership.
What’s in it for you:
Competitive pay, organization-wide incentive program, 401k matching, mortgage and auto discounts
4 weeks min. paid time off, work anniversary paid time off, 11 paid holidays, and 16hrs paid volunteer time off
Medical, dental, and vision health plans with FSA or HSA options
Onsite fitness center, Zumba and yoga classes, health fairs with biometrics screening and flu shots
Employee Assistance Program with a variety of services
Career development, trainings, career coaching, job shadowing, mentoring program, tuition reimbursement up to $5,000/year, and a recognition system
Culture of excellence and continuous improvement
We strive to be the best place you’ve ever worked!
Elevations Credit Union, a leading Colorado financial institution, is seeking an Information Security Administrator to join our team and oversee the day-to-day administration of information security tools and devices, as well as first-level and second-level support for security information and event management (SIEM). This is a hands-on role that requires a high level of technical expertise. The person in this position is responsible for a broad range of tasks, which may include significant responsibilities for the security administration of a wide variety of IT systems across the enterprise.
The individual in this position will monitor network traffic for security events and perform triage analysis to identify security incidents. This position responds to computer security incidents by collecting, analyzing and preserving digital evidence to ensure incidents are recorded and tracked in accordance with SOC requirements. SOC Tier 2 Analysts work closely with IT and ERM to assess risk and provide recommendations for improving our security posture. You must be a critical thinker who can efficiently solve problems, work well in an ever-evolving environment, and contribute to team meetings and the overall information security process.
To succeed in this position, you should enjoy working under pressure in a deadline-oriented environment and be flexible and open-minded, with the ability to manage ambiguity and uncertainty. You’ll be a vital, trusted member of this tight-knit team, an exemplar of cultural alignment and the highest professional standards.
Essential Functions Include:
-Serve as point of contact with the MSSP and integrate logs and alerting configuration.
-Conduct research on emerging security threats.
-Provides correlation and trending of cyber incident activity.
-Develops threat trend analysis reports and metrics.
-Supports SOC analysis, handling and response activity.
-Maintains situational awareness reports for advanced threats such as Advanced Persistent Threat (APT) and Focused Operations (FO) incidents.
-Ensure that a complete, accurate and valid inventory is conducted of all systems, infrastructure and applications that should be logged by the security information and event management (SIEM) or log management tool.
-Establish a taxonomy of indicators of compromise (IOCs) and share this detail with other security colleagues, including the security operations center (SOC), information security managers and analysts, and counterparts within the network operations center (NOC).
-With guidance from the CISO, or the individual responsible for overall security direction, and in conjunction with SOC colleagues, establish procedures — including escalations — for when IOCs are discovered.
-Conduct code reviews of applications to determine security flaws or other issues that would impact the confidentiality, integrity or availability of the system.
-Coordinate with DevOps teams to advocate secure coding practices and escalate concerns related to poor coding practices to the CISO or the individual responsible for the overall security direction.
-Coordinate with the privacy officer to document data flows of sensitive information within the organization (e.g., PII or ePHI) and recommend controls to ensure this data is adequately secured (e.g., encryption, tokenization, etc.).
-Validate IT infrastructure and other reference architectures for security best practices, and recommend changes to enhance security and reduce risk where applicable.
-Validate security configurations and access to security infrastructure tools, including firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), anti-malware/endpoint protection systems, etc.
-Review network segmentation to ensure least privilege for network access.
-Conduct reviews of and oversee the change management function for security rulesets for the organization's firewalls.
-Validate that security and other critical patches to firmware and operating systems are configured and deployed in a timely fashion.
-Liaise with the vendor management team to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property, PII, ePHI, regulated or other protected data, including:
*Cloud/infrastructure as a service (IaaS) providers
*Managed service providers
-Evaluate the statements of work from these providers to ensure that adequate security protections are in place. Assess the providers' SSAE 16 SOC 1 and SOC 2 audit reports (or alternative sources) for security-related deficiencies and required "user controls," and report any findings to the CISO and vendor management teams.
Education and Experience:
-Bachelor's or equivalent experience
-5+ years project-related experience
-Deep packet and log analysis
-Some Forensic and Malware Analysis
-Cyber Threat and Intelligence gathering and analysis
-The ability to take lead on incident research when appropriate and be able to mentor junior analysts.
-Experience managing cases with enterprise SIEM like QRadar, LogRhythm and NTT.
-Working knowledge of any of the following tools is required: Nessus, Varonis, Wireshark, Nexpose, Qualys, Cylance Endpoint, Security Analytics, Snort, NMap, NIKSUN or other information security tools.
-One or more certifications, including but not limited to: GCIH, GCIA, GCFE, GREM, GCFA, GSEC, CEH, CISSP, CCNA (Security), Security+ or equivalent.
-Ability/experience in training and supervising junior analysts.
-Direct, hands-on experience or strong working knowledge of managing security infrastructure — e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology
-Verifiable experience reviewing application code for security vulnerabilities
-Direct, hands-on experience or a strong working knowledge of vulnerability management tools
-Full-stack knowledge of IT infrastructure:
*Operating systems — Windows, Unix and Linux
*IP networks — WAN and LAN
Work Environment: This job operates in an office setting and routinely uses standard office equipment.
Physical Requirements: Sitting frequently, walking occasionally, use of hands frequently, hearing constantly, talking frequently, exerting up to 10 lbs of force occasionally and up to 25 lbs of force infrequently to lift, carry, push, pull, or move objects.
Position Type/Expected Hours of Work: Full time / 40 hours per week
Classification: Contract to hire
Location: Elevations Support Center
Other Duties: Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.
About Us: Elevations Credit Union is a member-owned not-for-profit financial institution serving Colorado’s Front Range. Founded in 1953, we’ve grown from 12 members and less than $100 in assets to an institution with 13 branches and more than 120,000 members that manages over $2 billion in assets and is the No. 1 credit union mortgage lender in Colorado. At Elevations, we’ve made a commitment to move away from a product-centered business model and focus instead on creating consumer solutions. Our objective is to provide our members, as well as the entire community, with unbiased consumer information.
EEO Statement: Elevations Credit Union is an equal opportunity employer. We do not discriminate on the basis of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, genetic information, gender, sexual orientation, gender identity or expression, veteran status, or any other status protected under federal, state, or local law. All aspects of employment, including the decision to hire, promote, discipline, or discharge, will be based on merit, competence, performance, and business needs.
Candidates for certain positions may be required to submit to a credit history report in determining qualification for employment with Elevations Credit Union. If the position you are applying for requires a credit history report, any information received in such a report will not be the sole factor in making an employment decision. A history of personal financial irresponsibility may be reason for disqualification insofar as it relates to your potential job duties. Elevations Credit Union is aware that occasionally there are extenuating circumstances that may affect an individual's credit history. We comply with the Fair Credit Reporting Act and the Colorado Employment Opportunity Act.