Mgr, IT Security Engineering
Develop, implement, and administer comprehensive program to ensure security by proactively preventing security vulnerabilities through effective configuration, management, testing, and monitoring of all points of vulnerability.
Identify foreseeable data security risks, implement security initiatives, and maintain heightened readiness to react to emerging threats.
Coordinate the management of information security systems such as firewall and intrusion detection systems in support of incident monitoring and response..
Direct and conduct testing and auditing of information security measures to verify compliance with information security policies and standards.
Administer network and computing security devices/systems that enforce security policies and audit controls in Windows, Mac, and Unix based environments.
Provide hands-on support for wide range of security technologies including, but not limited to SIEM, IDS/IPS, HIDS, malware analysis and protection, content filtering, logical access controls, identity and access management, data loss prevention, content filtering technologies, application firewalls, vulnerability scanners, LDAP, forensics software, and security incident response.
Research, test, develop, deploy, and support hardware and software related to network application security. Coordinate security patch deployment and tracking overall activity related to security implementations across systems and support groups.
Develop, administer, and ensure IT information security policies, standards, and procedures for PenFed and subsidiaries.
Establish and enforce the security standards for all assets connecting to the corporate network.
Ensure all workstations, servers, networking components are properly configured and secured prior to authorizing installation and configuration in the PenFed infrastructure.
Manage, track, and report compliance activities.
Resolve routine operating problems as they arise.
Ensure the appropriate level of security knowledge and certifications for self and security team personnel.
Define and collaborate on information security design, architecture, standards, and industry best practices.
Conduct in-depth information technology risk assessments, including identifying and documenting control risks associated with a breach of sensitive credit union systems and data.
Create process flows, identify potential gaps and/or inconsistencies, and make sound recommendations for improvement or mitigation.
Assist PenFed security and legal entities with confidential security incidents including response, analysis, forensics, and investigations.
Provide security program management support.
Provide management on-call and off-hours support as needed.
Assist in the development of baseline system security standards.
Bachelor’s Degree in Information Technology, Computer Science, Business or related field is required.
Master’s Degree in Information Assurance or Cyber Security is preferred.
Minimum of seven (7) years’ of experience in IT with at least three (3) of those in a technical security role are required.
Knowledge of security management practices and tools (ISO 27001) and risk management methodologies (ISO 27005, OCTAVE, NIST RMF) is preferred.
This position will mentor and supervise employees.
CISSP and PMP certifications are preferred. Additional security related certifications are a plus.
Bending, Stretching or Reaching
Talking on the phone, person-to-person & in group
xHearing on the phone, person-to-person & in group
xVision for near, mid-range, far, peripheral, depth and color
xUse of computer
xUse of telephone
xUse of office equipment
xPushing/pulling/lifting/ carrying from 5 to 50 lbs.
Founded in 1935, and still growing, we began as the War Department Federal Credit Union. Today, PenFed is one of the country’s strongest and most stable financial institutions with over 1.5 million members and over $21 billion in assets. We serve members in all 50 states and the District of Columbia, as well as on military bases in Guam, Puerto Rico and Okinawa.
Our mission isn’t simply to help our members get by. We exist to help them realize every ounce of their potential. We exist to educate, and to encourage. We exist to usher their dreams into the land of reality.
We provide our employees with a lucrative benefits package including robust medical, dental and vision plan options, plenty of paid time off, 401k with employer match, on-site fitness facilities at our larger locations, and more.
PenFed is an Equal Opportunity EmployerPenFed will maintain and observe personnel policies which will prohibit discrimination or harassment against a person because of race, color, creed, age, sex, gender, religion, national origin, ancestry, genetic information, military or veteran status or obligation, the presence of a physical and/or mental disability and all other statuses protected by applicable state or local law in all recruiting, hiring, training, compensation, overtime, position classifications, work assignments, facilities, promotions, transfers, employee treatment, and in all other terms and conditions of employment. PenFed will also prohibit retaliation against individuals for raising a complaint of discrimination or harassment or participating in an investigation of same. PenFed will also reasonably accommodate qualified individuals with a disability so that they can apply for a job or perform the essential functions of a job unless doing so causes a direct threat to these individuals or others in the workplace and the threat cannot be eliminated by reasonable accommodation or if the accommodation creates an undue hardship to PenFed. Contact human resources (HR) with any questions or requests for accommodation at 703-838-1568.