WPCU
Cybersecurity Engineer I
The Cybersecurity Engineer I is responsible for the implementation and management of the Credit Unions security solutions and technologies (e.g., SIEM, IDF/IPS, firewalls, proxies, endpoint protection). Administer as a first line defense contributor of Credit Union's overall information security program, and protect the Credit Union's IT infrastructure, networks, and data from cyber threats. Responsible for implementing controls minimize risks in the key areas associated with information security function identified by senior Cybersecurity Engineer's or Cyber Operations Analysts gap analyses. 1) Security Infrastructure Management - Configure, monitor, and maintain firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and endpoint protection. Assist with system lifecycle management, including regular patching and troubleshooting for systems including but not limited to: network firewalls, IDS/IPS, port security, anti-malware, email hygiene, web content filtering, web application firewalls, Windows updates, physical access control, cloud/SaaS systems and Active Directory. Ensures proper policies, procedures, risk mitigation activities, and operating controls are followed. Reports gaps in policies, procedures, and operating controls to leadership to ensure member impact and risk is mitigated. (40%) 2) Incident Response- Monitor and respond to cybersecurity alerts to assess potential threats and determine appropriate risk levels. Escalate significant security incidents to Cybersecurity Engineer II & Cyber Operations teams in a timely and effective manner. Collaborate with cross-functional IT teams to contain threats and implement remediation strategies for identified vulnerabilities. Implement recommendations from senior engineers on cybersecurity risks, trends, and best practices. Support the development and enforcement of security policies, procedures, and standards. (30%) 3) Project Engagement Collaborate with the Project Management Office (PMO) to design, develop, and deliver secure and resilient systems. Actively participate in the delivery of projects within the service pipeline, ensuring security is embedded throughout the project lifecycle. Focus on safeguarding WPCU/myCU systems, as well as protecting sensitive member and partner information. Provide security expertise and guidance during project planning, implementation, and post-deployment phases. Ensure alignment with organizational security standards, compliance requirements, and best practices (20%). 4) Documentation Properly document IT Security systems and procedures. (10%) The person in this position must be skilled in the basic principles of Information Security protection, including but not limited to the tools, processes, and industry trends relative to this field of IT. Hence, the following are required: 1) A bachelor's degree in Cybersecurity, Information Technology, Computer Science or a similar field is preferred. Candidates who present an equivalent combination of formal training/certifications and at least 2 years of practical experience specific to Information Security may also be considered. 2) Security+ Certification or Associate CISSP is required. Candidates without these certifications will be considered and required to obtain proper certification(s) within the first year of employment. 3) Understanding of SIEM, EDR, firewalls, and vulnerability management tools. Proficiency in SIEM, EDR, firewalls, and vulnerability management tools. 4) Demonstrate an understanding of Microsoft Windows operating systems, Microsoft 365/Entra ID, and Microsoft Active Directory; Microsoft certifications are preferred (e.g., SC-200). 5) Demonstrate an understanding of computer networking and secure protocols (e.g. SSL, FTPS, HTTPS, IPSEC, etc.); Network+ or Palo certification is preferred. 6) Proficient working knowledge of security technologies, such as access management, security monitoring, and data encryption. 7) Knowledge of new and/or innovative initiatives that have improved efficiency, quality, security, and service levels within the IT security arena. 8) Demonstrate an understanding of regulatory & risk frameworks (e.g., NCUA Part 748, GLBA, NIST CSF 2.0, etc.) 9) Excellent verbal and written communication skills in preparing reports, presentations, and documentation. 10) The ability to work independently and troubleshoot problems with speed and efficiency.
The Cybersecurity Engineer I is responsible for the implementation and management of the Credit Unions security solutions and technologies (e.g., SIEM, IDF/IPS, firewalls, proxies, endpoint protection). Administer as a first line defense contributor of Credit Union's overall information security program, and protect the Credit Union's IT infrastructure, networks, and data from cyber threats. Responsible for implementing controls minimize risks in the key areas associated with information security function identified by senior Cybersecurity Engineer's or Cyber Operations Analysts gap analyses. 1) Security Infrastructure Management - Configure, monitor, and maintain firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and endpoint protection. Assist with system lifecycle management, including regular patching and troubleshooting for systems including but not limited to: network firewalls, IDS/IPS, port security, anti-malware, email hygiene, web content filtering, web application firewalls, Windows updates, physical access control, cloud/SaaS systems and Active Directory. Ensures proper policies, procedures, risk mitigation activities, and operating controls are followed. Reports gaps in policies, procedures, and operating controls to leadership to ensure member impact and risk is mitigated. (40%) 2) Incident Response- Monitor and respond to cybersecurity alerts to assess potential threats and determine appropriate risk levels. Escalate significant security incidents to Cybersecurity Engineer II & Cyber Operations teams in a timely and effective manner. Collaborate with cross-functional IT teams to contain threats and implement remediation strategies for identified vulnerabilities. Implement recommendations from senior engineers on cybersecurity risks, trends, and best practices. Support the development and enforcement of security policies, procedures, and standards. (30%) 3) Project Engagement Collaborate with the Project Management Office (PMO) to design, develop, and deliver secure and resilient systems. Actively participate in the delivery of projects within the service pipeline, ensuring security is embedded throughout the project lifecycle. Focus on safeguarding WPCU/myCU systems, as well as protecting sensitive member and partner information. Provide security expertise and guidance during project planning, implementation, and post-deployment phases. Ensure alignment with organizational security standards, compliance requirements, and best practices (20%). 4) Documentation Properly document IT Security systems and procedures. (10%) The person in this position must be skilled in the basic principles of Information Security protection, including but not limited to the tools, processes, and industry trends relative to this field of IT. Hence, the following are required: 1) A bachelor's degree in Cybersecurity, Information Technology, Computer Science or a similar field is preferred. Candidates who present an equivalent combination of formal training/certifications and at least 2 years of practical experience specific to Information Security may also be considered. 2) Security+ Certification or Associate CISSP is required. Candidates without these certifications will be considered and required to obtain proper certification(s) within the first year of employment. 3) Understanding of SIEM, EDR, firewalls, and vulnerability management tools. Proficiency in SIEM, EDR, firewalls, and vulnerability management tools. 4) Demonstrate an understanding of Microsoft Windows operating systems, Microsoft 365/Entra ID, and Microsoft Active Directory; Microsoft certifications are preferred (e.g., SC-200). 5) Demonstrate an understanding of computer networking and secure protocols (e.g. SSL, FTPS, HTTPS, IPSEC, etc.); Network+ or Palo certification is preferred. 6) Proficient working knowledge of security technologies, such as access management, security monitoring, and data encryption. 7) Knowledge of new and/or innovative initiatives that have improved efficiency, quality, security, and service levels within the IT security arena. 8) Demonstrate an understanding of regulatory & risk frameworks (e.g., NCUA Part 748, GLBA, NIST CSF 2.0, etc.) 9) Excellent verbal and written communication skills in preparing reports, presentations, and documentation. 10) The ability to work independently and troubleshoot problems with speed and efficiency.