Information Security Engineer
Posted on Oct 2, 2024 by Patelco Credit Union
Dublin, CA
Health & Safety
Immediate Start
Annual Salary
Full-Time
About Patelco Credit Union:
Patelco Credit Union is a not-for-profit credit union with a purpose to build financial health and wellbeing for our members. Since 1936, Patelco has grown from $500 in assets to over $9 billion in assets and is the 7th largest credit union in California with branches throughout Northern California.
We are here for our members throughout all their stages of life. Meeting them with the products and services to help them plan purposefully for their futures and to secure our life-long partnership as their trusted financial advocate. As one team, we are all committed to delivering service, empowering financial literacy, creating products, and providing new technology for our members.
We believe that work should be rewarding, challenging, and enjoyable. We’re dedicated to creating a positive and supportive culture where our team members can thrive. If you’re looking to use your skills and knowledge to make a difference in our members’ lives, Patelco could be the perfect fit for you.
Overview:
The Information Security Engineer will be responsible for providing engineering design, analysis, and support for information security platforms and devices, routers, firewalls, networks, and operating systems, identifying relevant threats, recommending corrective actions, developing solutions for security issues, and investigating security incidents and breaches. The Information Security Engineer will help plan and carry out the organization’s information security strategy and program to include developing a set of security standards and best practices for the organization, developing policy, standards and procedure, recommending security enhancements to management as needed, and developing strategies to respond to and recover from a security breach.
Responsibilities:
Conduct regular Vulnerability Assessments & Penetration Testing to identify & mitigate risks.
Analyze vulnerability scan results, prioritize vulnerabilities based on risk, threat intelligence, and potential business impact
Review and collaborate with developers to remediate Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) findings
Collaborate cross-functionally with teams including IT/Enterprise, Security/Compliance, Engineering/Production and Leadership, ensuring vulnerabilities are addressed expeditiously and effectively.
Aggregate vulnerability assessment results from partner teams, utilizing a combination of automated tools and manual reviews to identify potential weaknesses in systems, networks, and applications
Prioritize vulnerabilities based on severity, risk level, and potential impact on the Patelco's business, functional & technical operations
Facilitate remediation plans for identified vulnerabilities, collaborating with asset owning teams to ensure timely resolution.
Monitor and track the progress of vulnerability remediation efforts, providing regular reports to management on the overall effectiveness of the program
Implement vulnerability detection capabilities within the continuous integration and continuous delivery (CI/CD) pipeline and software development lifecycle (SDLC).
Enhance the current Vulnerability Management Program for Patelco Credit Union
Performs risk assessments to determine our stature against specific threats in order to recommend solutions
Develop and recommend policies, standards and procedures that are in compliance with statutory and regulatory requirements that cover internal and external parties, physical security systems, internet and computer systems
Backing up the Information Security Officer as needed
Qualifications:
Experience in Vulnerability Management or related field such as Penetration Testing
Strong knowledge of common vulnerabilities and exploitation techniques
Strong knowledge of offensive security tactics techniques and procedures
Proficiency with at least one scripting language (e.g.: Perl, Python, PowerShell)
Knowledge of risk assessment tools, technologies, and methods
Demonstrated ability to map vulnerability exploitation vectors commonly identified in frameworks like OWASP Top 10 & STRIDE.
Knowledge of CIS Benchmarks and best practices for the secure configuration of information systems and applications.
Experience maintaining and running vulnerability scanning and other security testing tools (e.g., Tenable/Nessus, Qualys, Snyk, Burp, ZAP etc.)
Technical experience working with industry-wide frameworks and standards like MITRE ATT&CK
Ability to communicate network security issues to peers and management
An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
An understanding of organizational mission, values, and goals and consistent application of this knowledge
Experience with regulatory compliance, including risk management frameworks (e.g., NIST CSF/RMF)
Experience with Security Orchestration, Automation, and Response (SOAR) platforms.
Strong understanding of PCI, GLBA, and IS/IT risk assessment, the Federal Financial Institution Examination Council (FFIEC) IT examination handbooks, and National Institute of Standard and Technology (NIST) 800-53 and Cybersecurity Framework.
Minimum Qualifications
BS in Computer Science, Information Security, or a related field is highly desirable
5+ years of experience in information security, especially in a security engineering role
3+ years of past experience in a role on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC) is highly desirable
Certified Information Systems Security Professional (CISSP, OSCP, GPEN etc. ) or equivalent required
Target Base Pay:
$113,283 - $141,603
Compensation at Patelco:
Please note that the salary information is a general guideline only. Patelco Credit Union considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as market and business considerations when extending an offer. We offer a competitive total rewards package including a wide range of medical, dental, vision, financial, and other benefits.
We Offer:
Physical Health:
Exceptional Medical, Dental, Vision, and Life Insurance benefits
Onsite fitness center at HQ and rewards for completing wellness related activities
Financial Health:
Competitive compensation packages with bonus opportunity
401(k) with 3% Safe Harbor and 5% employer match
Discounts on loan products
Tuition reimbursement
Emotional Health:
Employee Assistance Program (EAP)
PTO for part-time and full-time positions
Paid holidays
Personal Development:
On-the-job training and skills development
Internal transfer opportunities for career growth
Volunteer work
Flexible work arrangements available for specific positions
Patelco Credit Union is an Equal Opportunity Employer including individuals with disabilities and protected veterans
IND123
Patelco Credit Union is a not-for-profit credit union with a purpose to build financial health and wellbeing for our members. Since 1936, Patelco has grown from $500 in assets to over $9 billion in assets and is the 7th largest credit union in California with branches throughout Northern California.
We are here for our members throughout all their stages of life. Meeting them with the products and services to help them plan purposefully for their futures and to secure our life-long partnership as their trusted financial advocate. As one team, we are all committed to delivering service, empowering financial literacy, creating products, and providing new technology for our members.
We believe that work should be rewarding, challenging, and enjoyable. We’re dedicated to creating a positive and supportive culture where our team members can thrive. If you’re looking to use your skills and knowledge to make a difference in our members’ lives, Patelco could be the perfect fit for you.
Overview:
The Information Security Engineer will be responsible for providing engineering design, analysis, and support for information security platforms and devices, routers, firewalls, networks, and operating systems, identifying relevant threats, recommending corrective actions, developing solutions for security issues, and investigating security incidents and breaches. The Information Security Engineer will help plan and carry out the organization’s information security strategy and program to include developing a set of security standards and best practices for the organization, developing policy, standards and procedure, recommending security enhancements to management as needed, and developing strategies to respond to and recover from a security breach.
Responsibilities:
Conduct regular Vulnerability Assessments & Penetration Testing to identify & mitigate risks.
Analyze vulnerability scan results, prioritize vulnerabilities based on risk, threat intelligence, and potential business impact
Review and collaborate with developers to remediate Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) findings
Collaborate cross-functionally with teams including IT/Enterprise, Security/Compliance, Engineering/Production and Leadership, ensuring vulnerabilities are addressed expeditiously and effectively.
Aggregate vulnerability assessment results from partner teams, utilizing a combination of automated tools and manual reviews to identify potential weaknesses in systems, networks, and applications
Prioritize vulnerabilities based on severity, risk level, and potential impact on the Patelco's business, functional & technical operations
Facilitate remediation plans for identified vulnerabilities, collaborating with asset owning teams to ensure timely resolution.
Monitor and track the progress of vulnerability remediation efforts, providing regular reports to management on the overall effectiveness of the program
Implement vulnerability detection capabilities within the continuous integration and continuous delivery (CI/CD) pipeline and software development lifecycle (SDLC).
Enhance the current Vulnerability Management Program for Patelco Credit Union
Performs risk assessments to determine our stature against specific threats in order to recommend solutions
Develop and recommend policies, standards and procedures that are in compliance with statutory and regulatory requirements that cover internal and external parties, physical security systems, internet and computer systems
Backing up the Information Security Officer as needed
Qualifications:
Experience in Vulnerability Management or related field such as Penetration Testing
Strong knowledge of common vulnerabilities and exploitation techniques
Strong knowledge of offensive security tactics techniques and procedures
Proficiency with at least one scripting language (e.g.: Perl, Python, PowerShell)
Knowledge of risk assessment tools, technologies, and methods
Demonstrated ability to map vulnerability exploitation vectors commonly identified in frameworks like OWASP Top 10 & STRIDE.
Knowledge of CIS Benchmarks and best practices for the secure configuration of information systems and applications.
Experience maintaining and running vulnerability scanning and other security testing tools (e.g., Tenable/Nessus, Qualys, Snyk, Burp, ZAP etc.)
Technical experience working with industry-wide frameworks and standards like MITRE ATT&CK
Ability to communicate network security issues to peers and management
An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
An understanding of organizational mission, values, and goals and consistent application of this knowledge
Experience with regulatory compliance, including risk management frameworks (e.g., NIST CSF/RMF)
Experience with Security Orchestration, Automation, and Response (SOAR) platforms.
Strong understanding of PCI, GLBA, and IS/IT risk assessment, the Federal Financial Institution Examination Council (FFIEC) IT examination handbooks, and National Institute of Standard and Technology (NIST) 800-53 and Cybersecurity Framework.
Minimum Qualifications
BS in Computer Science, Information Security, or a related field is highly desirable
5+ years of experience in information security, especially in a security engineering role
3+ years of past experience in a role on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC) is highly desirable
Certified Information Systems Security Professional (CISSP, OSCP, GPEN etc. ) or equivalent required
Target Base Pay:
$113,283 - $141,603
Compensation at Patelco:
Please note that the salary information is a general guideline only. Patelco Credit Union considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as market and business considerations when extending an offer. We offer a competitive total rewards package including a wide range of medical, dental, vision, financial, and other benefits.
We Offer:
Physical Health:
Exceptional Medical, Dental, Vision, and Life Insurance benefits
Onsite fitness center at HQ and rewards for completing wellness related activities
Financial Health:
Competitive compensation packages with bonus opportunity
401(k) with 3% Safe Harbor and 5% employer match
Discounts on loan products
Tuition reimbursement
Emotional Health:
Employee Assistance Program (EAP)
PTO for part-time and full-time positions
Paid holidays
Personal Development:
On-the-job training and skills development
Internal transfer opportunities for career growth
Volunteer work
Flexible work arrangements available for specific positions
Patelco Credit Union is an Equal Opportunity Employer including individuals with disabilities and protected veterans
IND123
Reference: 203142471
https://jobs.careeraddict.com/post/95749923
Information Security Engineer
Posted on Oct 2, 2024 by Patelco Credit Union
Dublin, CA
Health & Safety
Immediate Start
Annual Salary
Full-Time
About Patelco Credit Union:
Patelco Credit Union is a not-for-profit credit union with a purpose to build financial health and wellbeing for our members. Since 1936, Patelco has grown from $500 in assets to over $9 billion in assets and is the 7th largest credit union in California with branches throughout Northern California.
We are here for our members throughout all their stages of life. Meeting them with the products and services to help them plan purposefully for their futures and to secure our life-long partnership as their trusted financial advocate. As one team, we are all committed to delivering service, empowering financial literacy, creating products, and providing new technology for our members.
We believe that work should be rewarding, challenging, and enjoyable. We’re dedicated to creating a positive and supportive culture where our team members can thrive. If you’re looking to use your skills and knowledge to make a difference in our members’ lives, Patelco could be the perfect fit for you.
Overview:
The Information Security Engineer will be responsible for providing engineering design, analysis, and support for information security platforms and devices, routers, firewalls, networks, and operating systems, identifying relevant threats, recommending corrective actions, developing solutions for security issues, and investigating security incidents and breaches. The Information Security Engineer will help plan and carry out the organization’s information security strategy and program to include developing a set of security standards and best practices for the organization, developing policy, standards and procedure, recommending security enhancements to management as needed, and developing strategies to respond to and recover from a security breach.
Responsibilities:
Conduct regular Vulnerability Assessments & Penetration Testing to identify & mitigate risks.
Analyze vulnerability scan results, prioritize vulnerabilities based on risk, threat intelligence, and potential business impact
Review and collaborate with developers to remediate Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) findings
Collaborate cross-functionally with teams including IT/Enterprise, Security/Compliance, Engineering/Production and Leadership, ensuring vulnerabilities are addressed expeditiously and effectively.
Aggregate vulnerability assessment results from partner teams, utilizing a combination of automated tools and manual reviews to identify potential weaknesses in systems, networks, and applications
Prioritize vulnerabilities based on severity, risk level, and potential impact on the Patelco's business, functional & technical operations
Facilitate remediation plans for identified vulnerabilities, collaborating with asset owning teams to ensure timely resolution.
Monitor and track the progress of vulnerability remediation efforts, providing regular reports to management on the overall effectiveness of the program
Implement vulnerability detection capabilities within the continuous integration and continuous delivery (CI/CD) pipeline and software development lifecycle (SDLC).
Enhance the current Vulnerability Management Program for Patelco Credit Union
Performs risk assessments to determine our stature against specific threats in order to recommend solutions
Develop and recommend policies, standards and procedures that are in compliance with statutory and regulatory requirements that cover internal and external parties, physical security systems, internet and computer systems
Backing up the Information Security Officer as needed
Qualifications:
Experience in Vulnerability Management or related field such as Penetration Testing
Strong knowledge of common vulnerabilities and exploitation techniques
Strong knowledge of offensive security tactics techniques and procedures
Proficiency with at least one scripting language (e.g.: Perl, Python, PowerShell)
Knowledge of risk assessment tools, technologies, and methods
Demonstrated ability to map vulnerability exploitation vectors commonly identified in frameworks like OWASP Top 10 & STRIDE.
Knowledge of CIS Benchmarks and best practices for the secure configuration of information systems and applications.
Experience maintaining and running vulnerability scanning and other security testing tools (e.g., Tenable/Nessus, Qualys, Snyk, Burp, ZAP etc.)
Technical experience working with industry-wide frameworks and standards like MITRE ATT&CK
Ability to communicate network security issues to peers and management
An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
An understanding of organizational mission, values, and goals and consistent application of this knowledge
Experience with regulatory compliance, including risk management frameworks (e.g., NIST CSF/RMF)
Experience with Security Orchestration, Automation, and Response (SOAR) platforms.
Strong understanding of PCI, GLBA, and IS/IT risk assessment, the Federal Financial Institution Examination Council (FFIEC) IT examination handbooks, and National Institute of Standard and Technology (NIST) 800-53 and Cybersecurity Framework.
Minimum Qualifications
BS in Computer Science, Information Security, or a related field is highly desirable
5+ years of experience in information security, especially in a security engineering role
3+ years of past experience in a role on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC) is highly desirable
Certified Information Systems Security Professional (CISSP, OSCP, GPEN etc. ) or equivalent required
Target Base Pay:
$113,283 - $141,603
Compensation at Patelco:
Please note that the salary information is a general guideline only. Patelco Credit Union considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as market and business considerations when extending an offer. We offer a competitive total rewards package including a wide range of medical, dental, vision, financial, and other benefits.
We Offer:
Physical Health:
Exceptional Medical, Dental, Vision, and Life Insurance benefits
Onsite fitness center at HQ and rewards for completing wellness related activities
Financial Health:
Competitive compensation packages with bonus opportunity
401(k) with 3% Safe Harbor and 5% employer match
Discounts on loan products
Tuition reimbursement
Emotional Health:
Employee Assistance Program (EAP)
PTO for part-time and full-time positions
Paid holidays
Personal Development:
On-the-job training and skills development
Internal transfer opportunities for career growth
Volunteer work
Flexible work arrangements available for specific positions
Patelco Credit Union is an Equal Opportunity Employer including individuals with disabilities and protected veterans
IND123
Patelco Credit Union is a not-for-profit credit union with a purpose to build financial health and wellbeing for our members. Since 1936, Patelco has grown from $500 in assets to over $9 billion in assets and is the 7th largest credit union in California with branches throughout Northern California.
We are here for our members throughout all their stages of life. Meeting them with the products and services to help them plan purposefully for their futures and to secure our life-long partnership as their trusted financial advocate. As one team, we are all committed to delivering service, empowering financial literacy, creating products, and providing new technology for our members.
We believe that work should be rewarding, challenging, and enjoyable. We’re dedicated to creating a positive and supportive culture where our team members can thrive. If you’re looking to use your skills and knowledge to make a difference in our members’ lives, Patelco could be the perfect fit for you.
Overview:
The Information Security Engineer will be responsible for providing engineering design, analysis, and support for information security platforms and devices, routers, firewalls, networks, and operating systems, identifying relevant threats, recommending corrective actions, developing solutions for security issues, and investigating security incidents and breaches. The Information Security Engineer will help plan and carry out the organization’s information security strategy and program to include developing a set of security standards and best practices for the organization, developing policy, standards and procedure, recommending security enhancements to management as needed, and developing strategies to respond to and recover from a security breach.
Responsibilities:
Conduct regular Vulnerability Assessments & Penetration Testing to identify & mitigate risks.
Analyze vulnerability scan results, prioritize vulnerabilities based on risk, threat intelligence, and potential business impact
Review and collaborate with developers to remediate Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) findings
Collaborate cross-functionally with teams including IT/Enterprise, Security/Compliance, Engineering/Production and Leadership, ensuring vulnerabilities are addressed expeditiously and effectively.
Aggregate vulnerability assessment results from partner teams, utilizing a combination of automated tools and manual reviews to identify potential weaknesses in systems, networks, and applications
Prioritize vulnerabilities based on severity, risk level, and potential impact on the Patelco's business, functional & technical operations
Facilitate remediation plans for identified vulnerabilities, collaborating with asset owning teams to ensure timely resolution.
Monitor and track the progress of vulnerability remediation efforts, providing regular reports to management on the overall effectiveness of the program
Implement vulnerability detection capabilities within the continuous integration and continuous delivery (CI/CD) pipeline and software development lifecycle (SDLC).
Enhance the current Vulnerability Management Program for Patelco Credit Union
Performs risk assessments to determine our stature against specific threats in order to recommend solutions
Develop and recommend policies, standards and procedures that are in compliance with statutory and regulatory requirements that cover internal and external parties, physical security systems, internet and computer systems
Backing up the Information Security Officer as needed
Qualifications:
Experience in Vulnerability Management or related field such as Penetration Testing
Strong knowledge of common vulnerabilities and exploitation techniques
Strong knowledge of offensive security tactics techniques and procedures
Proficiency with at least one scripting language (e.g.: Perl, Python, PowerShell)
Knowledge of risk assessment tools, technologies, and methods
Demonstrated ability to map vulnerability exploitation vectors commonly identified in frameworks like OWASP Top 10 & STRIDE.
Knowledge of CIS Benchmarks and best practices for the secure configuration of information systems and applications.
Experience maintaining and running vulnerability scanning and other security testing tools (e.g., Tenable/Nessus, Qualys, Snyk, Burp, ZAP etc.)
Technical experience working with industry-wide frameworks and standards like MITRE ATT&CK
Ability to communicate network security issues to peers and management
An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
An understanding of organizational mission, values, and goals and consistent application of this knowledge
Experience with regulatory compliance, including risk management frameworks (e.g., NIST CSF/RMF)
Experience with Security Orchestration, Automation, and Response (SOAR) platforms.
Strong understanding of PCI, GLBA, and IS/IT risk assessment, the Federal Financial Institution Examination Council (FFIEC) IT examination handbooks, and National Institute of Standard and Technology (NIST) 800-53 and Cybersecurity Framework.
Minimum Qualifications
BS in Computer Science, Information Security, or a related field is highly desirable
5+ years of experience in information security, especially in a security engineering role
3+ years of past experience in a role on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC) is highly desirable
Certified Information Systems Security Professional (CISSP, OSCP, GPEN etc. ) or equivalent required
Target Base Pay:
$113,283 - $141,603
Compensation at Patelco:
Please note that the salary information is a general guideline only. Patelco Credit Union considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as market and business considerations when extending an offer. We offer a competitive total rewards package including a wide range of medical, dental, vision, financial, and other benefits.
We Offer:
Physical Health:
Exceptional Medical, Dental, Vision, and Life Insurance benefits
Onsite fitness center at HQ and rewards for completing wellness related activities
Financial Health:
Competitive compensation packages with bonus opportunity
401(k) with 3% Safe Harbor and 5% employer match
Discounts on loan products
Tuition reimbursement
Emotional Health:
Employee Assistance Program (EAP)
PTO for part-time and full-time positions
Paid holidays
Personal Development:
On-the-job training and skills development
Internal transfer opportunities for career growth
Volunteer work
Flexible work arrangements available for specific positions
Patelco Credit Union is an Equal Opportunity Employer including individuals with disabilities and protected veterans
IND123
Reference: 203142471
Share this job:
Alert me to jobs like this:
Amplify your job search:
Expert career advice
Increase interview chances with our downloads and specialist services.
Visit Blog