Senior Security Engineer

At VyStar, we offer competitive pay, an excellent benefit package that includes a 401(k) Plan, an extensive paid technical and on-the-job training program, and tuition reimbursement--available to all full and part time employees. Part time positions start at a minimum of 30 hours per week.

We encourage you to become a part of VyStar Credit Union's family of employees.

ESSENTIAL JOB FUNCTIONS

• Acts as a subject matter resource on projects and coordinates with other departments throughout VyStar to ensure security is considered throughout the enterprise.
• Work with project managers and members of various project teams to ensure security requirements are designed into projects.
• Develops requirements, strategies, and architectures to address information security needs.
• Lead small and midsize projects from design through the implementation phase for key layers of security infrastructure.
• Engage business partners to understand requirements and ensure compliance with VyStar's Information Security Standards.
• Collaborate with team on the architecture, design and implementation of new security infrastructure, standards, and solutions to protect VyStar's enterprise assets.
• Develop formal guidance and documentation around the processes and procedures for administering and maintaining the enterprise security posture.
• Security Infrastructure includes firewalls, IDS/IPS, routers and switch access control lists (ACLs), virtual private network (VPN) solutions, email security related devices, 802.1x, sandboxing, content filtering, and network segmentation.
• Security Systems security such as anti-virus, multi-factor authentication, host-based IPS/IDS, host-based firewalls, encryption technologies, Public Key Infrastructure (PKI) and system hardening standards.
• Operations Security relates to SIEM Management, Vulnerability Management, and security analysis such as threat hunting.
• Experience with Cloud Security.
• Research and advocate new technologies, architectures, and security products that will support security requirements for the enterprise.
• Assist the team in monitoring and reporting on key metrics for enterprise security reliability, change issues, and enterprise security posture.
• Maintains accurate documentation.
• Assist the IT teams with vulnerability remediation and validation.
• Ability to function effectively within a team as well as a willingness to guide and mentor others is essential.
• Act as part of the Incident Response program.
• Participate in on-call rotation.
• Follow strict change control processes.

JOB QUALIFICATIONS

Education

Bachelor's degree in Information Security, Computer Science, Information Systems, or another related field is preferred, but not required.

Certifications

A professional certification in Information Security such as Security+, CISSP, or GIAC is required. Obtain necessary continuing professional education hours to retain professional certification(s) and continuously build individual knowledge.

Experience

• 5+ years of work experience in Information Security
• 3+ years of work experience in Security Infrastructure, Operations/Analysts or Systems

Knowledge, Skills, and Abilities

• Strong understanding of security design related to firewalls, VPN, IDS/IPS, and endpoint security.
• Solid understanding of network protocols, ports, and services.
• Strong analytical and problem-solving skills.
• High level of ethical integrity, with the ability to maintain confidential and sensitive information appropriately.
• Experience in a mid-size to large infrastructure consisting of a significant number of servers and users.
• Specific hands-on experience with information security risk management and mitigation, content filtering, email filtering, anti-virus solutions, routers, switches, configuration management, encryption standards and incident response.
• Experience with vulnerability management software and SIEM platforms.
• Advanced knowledge of network based, system level and application layer attacks and mitigation methods, and TCP/IP, HTTP/S, and related protocols.
• Ability to utilize best practices for server and network equipment for best suited hardening standards.
• Ability to clearly and effectively communicate concerns, issues, and research to other teams.
• Strong written and verbal communication skills.
• Experience in developing, documenting, and maintaining security procedures.

DISCLAIMERS AND WORK ENVIRONMENT

Nothing in this position description is an implied contract for employment. The position description is intended to be an accurate account of the essential functions. The functions are not all encompassing and are subject to change at any time by management.

The work environment characteristics described are representative of those that an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

As required or requested, may exert up to 20 pounds of force occasionally and/or a negligible amount of force constantly to lift, carry, push, pull or otherwise move objects.

VyStar Credit Union is not seeking outside assistance or accepting unsolicited resumes from staffing agencies or search firms for employment or contractor opportunities. Any resumes submitted by an outside vendor to any employee at VyStar via e-mail, internet, or directly to hiring managers without a valid written search agreement with the Talent Acquisition / HR department will be deemed the sole property of VyStar Credit Union.

No placement fee will be paid if a candidate is hired as a result of the referral, or through other means.

Thank you for your inquiry regarding our current job opening. Your resume will be carefully reviewed against the position requirements. Should your experience and skills match, you will be contacted by one of our Human Resources department staff members.

Thank you again for your interest in this position!

VyStar Credit Union Human Resources