Information Security Engineer I at Desert Financial Credit Union

The Information Security Engineer I is responsible for safeguarding our organization's computer networks and systems, ensuring the confidentiality, integrity, and availability of sensitive data. This role involves supporting the planning and implementation of our information security strategy, developing and enforcing security standards, and responding to security threats and incidents. The Information Security Engineer will continuously monitor the security landscape, recommending and implementing security enhancements to protect against infiltration and cyber-attacks.

What you will do here:

Security Monitoring and Incident Response:

Monitor networks and systems for security breaches, anomalies, and unauthorized activities.

Develop and maintain intrusion detection systems (IDS) and intrusion prevention systems (IPS).

Scan and monitor networks to identify possible vulnerabilities and intrusions and build tools and strategies to resolve possible causes of security threats and report findings/solutions to IT Leadership.

Support the development of the incident response plans and procedures to ensure that business-critical services are recovered in the event of a security incident. Include forensic analysis, root cause determination in all reporting.

Administer and manager security tools, configure and troubleshoot security infrastructure devices.

Threat and Vulnerability Management:

Continuously scan the security environment to identify potential threats and vulnerabilities.

Conduct regular vulnerability assessments and penetration testing to evaluate the effectiveness of security controls.

Implement and manage patch management processes to mitigate identified vulnerabilities.

Documentation and Reporting:

Maintain detailed documentation of security configurations, incidents, and actions taken.

Prepare regular reports on security metrics, incidents, and compliance status for management review.

Security Enhancements:

Recommend and implement security enhancements to improve the organization's security posture.

Research and deploy advanced security technologies, such as encryption, firewalls, and multi-factor authentication.

Work with IT teams to ensure secure configuration and maintenance of servers, networks, and applications.

Information Security Strategy:

Assist in the development and implementation of the organization's information security strategy.

Collaborate with cross-functional teams to align security initiatives with business goals.

Provide expert advice on security design and architecture to ensure robust protection against emerging threats.

Security Standards and Best Practices:

Develop, implement, and maintain security standards, policies, and procedures.

Ensure compliance with industry regulations and best practices, including ISO 27001, NIST, and GDPR.

Perform on-going security reviews and audits to validate, troubleshoot and improve applications' security. Participate in customer and internal audits and penetration tests. Partner with internal and external auditors as well as federal regulators and department management with information security governance and compliance activity investigations.

Security Awareness and Training:

As needed. educate employees on security best practices and promote a culture of security awareness across the organization.

What you will need:

Bachelor’s degree in information security, computer science, or related degree preferred; or equivalent combination of education and experience required.

4+ years of experience in information security or a related role required

2+ years experience in a Financial Services preferred.

Detailed knowledge of security protocols, cryptography, and security technologies required.

Expertise with security tools such as firewalls, IDS/IPS, SIEM, and vulnerability scanners required.

Demonstrate knowledge and expertise of risk assessment tools, techniques and methods including development of procedures and incident response plans required.

Demonstrated knowledge of regulatory requirements and industry standards required.

Demonstrated competency securing technical systems and platforms required.

Demonstrated effective collaboration across the organization and ability to effectively communicate network security issues to peers and management required.

Strong problem-solving skills and the ability to work under pressure required.

Security+ preferred.

Network+ preferred.

PCIP preferred.

CISSP preferred.

CEH – Certified Ethical Hacker preferred.

We are proud to be an EEO/AA employer M/F/D/V. We maintain a drug-free workplace and perform pre-employment substance abuse testing.

For additional information about our organization, careers, and benefits visit: http://www.desertfinancial.com/careers.