Enterprise Security Analyst II

Position Description                                                                                          

Department:         Enterprise Risk Management

Reports to:            Information Security Officer

Supervises:            N/A

Skill Levels: Analyst

Position Purpose                                                                                                

The primary purpose of this position is to support the Information Security Officer (ISO) in upholding Associated Credit Union’s (ACU’s) mission to offer members financial products that fulfill their needs, service that exceeds their expectations, and relationships that inspire their trust. This position supports the achievement of the organization’s core values of Integrity and Trust.

The Information Security Officer (ISO) is responsible for developing and implementing a comprehensive information security strategy that aligns with the organization’s business objectives and strategic technology plan. The Enterprise Security Analyst II (ESA II) supports the ISO by performing a wide variety of tasks aimed at protecting the credit union’s information and systems from security threats. These responsibilities include monitoring, analyzing, and responding to security events and incidents, implementing and maintaining security controls and contributing to the development of security policies and procedures. The ESA II also plays a role in risk management, vulnerability assessments, and promoting compliance with applicable laws, regulations, and internal policies.

Essential Functions & Core Duties                                                                    

Security Operations & Incident Response:

• Monitor and investigate: Continuously monitor networks and systems for security events, investigate incidents, and promptly notify the ISO, providing threat analysis and remediation recommendations.
• Implement security systems: Install and maintain security software, appliances, and systems to protect sensitive information and critical systems from unauthorized or malicious access.
• Participate in incident response: Follow incident response plans, participating in investigations of security events and incidents in collaboration with the Technology Services and Risk Management departments.
• Implement security controls: At the direction of the ISO, implement security policies, procedures, and controls across the organization.
• Remain current on the threat landscape: Monitor emerging cyber threats and vulnerabilities and recommend adjustments to security measures as appropriate.
• Communicate security risks: Communicate identified security risks to the ISO in an effective and timely manner, along with proposed mitigation steps.

Risk Management & Compliance:

• Support security documentation: Support the ISO in drafting information security policies, procedures, and guidance aligned with the organization’s security goals, objectives, and roadmap.
• Participate in identifying, assessing, and mitigating risks: Participate in risk assessments to identify potential threats and vulnerabilities to information assets, contribute to the development of mitigation plans for identified gaps, and support the maintenance of a risk register to track and report on the status of proposed resolutions through completion.
• Contribute to projects: Participate as assigned on project teams to promote security awareness and ensure that security is factored into projects from the design phase through implementation. Support the ISO on projects that involve security tool and system upgrades, replacements, and additions.
• Promote compliance: Demonstrate a commitment to compliance by implementing practices that align with security and privacy policies as well as applicable laws, regulations, and guidelines.
• Participate in business continuity and disaster recovery activities: With minimal oversight, carry out assigned roles to restore systems and recover from security incidents to minimize downtime and impact.
• Vendor analysis: Participate in the assessment and management of security risks associated with technology and information services provided through third-party vendors and contractors.

Education & Awareness:

• Demonstrate security professionalism: Actively participate in training and professional development to maintain and enhance knowledge and skills appropriate to a security professional committed to security awareness and continuous improvement.
• Promote security awareness: Advocate for organizational security policies and best practices with all users.
• Support the ISO with security training: Participate in security awareness training initiatives led by the ISO.

Other Duties & Responsibilities (Optional)                                                       

• Maintain open lines of communication with stakeholders across the organization to promote collaboration.
• Develop and maintain knowledge of security and privacy policies, laws, and regulations to promote compliance and to provide guidance to other stakeholders across the organization upon request.
• Complete annual compliance training and engage in ongoing professional development activities.

Qualifications                                                                                                     

Education:
 Bachelor’s degree in Information Technology, Cybersecurity, or equivalent knowledge required. Relevant experience may be substituted in lieu of education.

Experience:
Minimum of five (5) years of combined Information Technology and/or Cybersecurity experience required. Working knowledge of the Federal Financial Institutions Examination Council (FFIEC) Information Technology Examination Handbooks is preferred. Advanced certifications such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), and/or Global Information Assurance Certification (GIAC) are preferred. Familiarity with industry-standard cybersecurity frameworks, including the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), the Center for Internet Security (CIS) Critical Security Controls, and the MITRE ATT&CK Framework, is preferred.

Core Competencies: 

• Strong written and verbal communication skills, with the ability to clearly convey information to diverse audiences.
• Good troubleshooting and analytical skills, with the ability to logically assess and resolve issues.
• Ability to critically analyze threats and quickly determine severity and appropriate mitigation responses.
• Ability to work in time-sensitive, high-pressure situations while maintaining composure.
• A desire to provide outstanding service to employees and members.
• Ongoing desire to improve processes and systems that bring added efficiency and faster response times.
• Willingness to adapt to change as needed, recognizing that change is inevitable.

General Operational Requirements: 

Performance Metrics                                                                                          

• Carry out assigned daily security tasks reliably, effectively, and with minimal oversight to ensure systems and data are appropriately protected.
• Manage assigned security systems and tools with a high level of uptime.
• Complete all assigned tasks by the assigned deadline.
• Communicate with the ISO, members of the Technology Services Team, and end users on security matters.
• Effectively communicate, coordinate, and execute tasks with business units and support areas.
• Responsiveness to requests and ability to engage on multiple tasks simultaneously while maintaining a positive and constructive attitude.
• Support the ISO in ensuring the organization is prepared for third-party assessments and regulatory examinations, including assisting in the development of timely and effective responses to findings.