Overview
Are you looking to take your career from good to great? As an employee of PenFed, every day is an opportunity to thrive, and be part of a team working to ensure our organization is providing world class service to our members, employees, and our communities. We exist to help our members realize their full potential, educate and encourage their dreams, and make every effort to follow our mission and help our members -do better.- Joining PenFed is more than being an employee; it's about being a part of the PenFed family.
PenFed is hiring an Analyst II, Information Security at our Tysons, Virginia location. The primary purpose of this job is to perform complex analysis to assist in managing the risk and compliance of the controls environment used to protect PenFed data in internal and external systems used by the credit union. The Program Analyst II is a senior contributor who has recognized expertise in their field, acts as a project lead and as a subject matter expert for IT Security tools and processes.
Responsibilities
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. This is not intended to be an all-inclusive list of job duties and the position will perform other duties as assigned.
Under general direction from the Director, Information Security Risk and Compliance, this position creates, implements, and manages governance, risk and compliance (GRC) components of the information security program:
Document and maintain Cybersecurity Risk Register
Conduct Cybersecurity risk assessments to evaluate information systems, programs and procedures.
Understand security standards and frameworks, including the Framework, Critical Security Controls, FFIEC, NCUA ACET, IT general controls and application controls, and others.
Develop departmental operating standards and procedures.
Monitor and manage compliance of implemented enterprise Cybersecurity controls.
Support and facilitate audits of enterprise information systems.
Assist training and awareness activities.
Provide reporting, metrics, and testing as needed.
Essential Skills
Demonstrated knowledge of information systems and security technologies.
Knowledge and ability to run reporting programs and security applications.
Experience in computer and Cybersecurity assessment, administration, and management.
Experience in with implementing and monitoring security controls in a regulated environment.
Ability to contribute and manage self-contained projects for assessments, audits, and remediation.
Understanding of one or more security controls frameworks FFIEC, NCUA ACET, and Cybersecurity Framework (CSF).
Skills in presenting findings to technical and business.
Excellent customer service skills.
Strong research, analytical, and problem solving skills
Excellent oral and written communication skills, including technical writing.
Ability to function independently and as a team member.
Desired Skills
Experience working in a GRC application (e.g. RSA Archer, ServiceNow, LockPath, etc.)
Experience in conducting IT controls audits or supporting regulatory reviews of IT controls environments.
Special Requirements
Qualifications
Education and Experience
Equivalent combination of education and experience is considered.
Bachelor's Degree in a relevant field.
Minimum of five (5) years of experience in Cybersecurity or a combination of education and experience, which meet the requisite skill level.
Supervisory Responsibility
Licenses and Certifications
Professional Security Certification required: Archer Administrator - Expert
Professional security certifications such as CISSP, CISA, CRISC, CISM, CTPRP, or technical certifications such as those from SANS preferred.
Work Environment
While performing the duties of this job, the employee is regularly exposed to an indoor office setting with moderate noise.
Most roles require working in an office setting with moderate noise and the ability to lift 25 pounds.
Travel
Ability to travel to various worksites is required.
Special Message Regarding COVID 19
PenFed is continuing to hire and train exceptional individuals to help us serve our 2 million members both here and around the world. In light of the current situation with novel coronavirus (COVID-19), we have modified our hiring, onboarding, training, and deployment protocols in order to comply with current local and state guidance around social distancing.
About Us
Established in 1935, PenFed today is one of the country's strongest and most stable financial institutions with over 2 million members and over $26 billion in assets. We serve members in all 50 states and the District of Columbia, as well as in Guam, Puerto Rico and Okinawa. We are federally insured by NCUA and we are an Equal Housing Lender. We are available to members worldwide, via the web, seven days a week, twenty-four hours a day.
We provide our employees with a lucrative benefits package including robust medical, dental and vision plan options, plenty of paid time off, 401k with employer match, on-site fitness facilities at our larger locations, and more.
Equal Employment Opportunity
PenFed management will maintain and observe personnel policies which will not discriminate or permit harassment or retaliation against a person because of race, color, creed, age, sex, gender, gender identity, gender expression, religion, national origin, ancestry, marital status, military or veteran status or obligation, the presence of a physical and/or mental disability or medical condition, genetic information, sexual orientation, and all statuses protected by applicable state or local law in all recruiting, hiring, training, compensation, overtime, position classifications, work assignments, facilities, promotions, transfers, employee treatment, and in all other terms and conditions of employment. PenFed will also prohibit retaliation against individuals for raising a complaint of discrimination or harassment or participating in an investigation of same.
PenFed will also reasonably accommodate qualified individuals with a disability so that they can apply for a job or perform the essential functions of a job unless doing so causes a direct threat to these individuals or others in the workplace and the threat cannot be eliminated by reasonable accommodation or if the accommodation creates an undue hardship to PenFed. Contact human resources (HR) with any questions or requests for accommodation at 240-224-4256.
