Job Details
Description
Who We’re Looking For
- A security-minded professional with 2–5 years of cybersecurity or information security experience, ideally in a regulated or financial services environment
- Strong working knowledge of access control, vulnerability management, and security monitoring tools within Microsoft-based environments
- An independent, analytical problem-solver who communicates clearly and exercises sound judgment with sensitive information
What You’ll Be Doing
- Monitoring and responding to security alerts, participating in incident response, and helping investigate and remediate security events
- Managing identity and access controls, performing user access reviews, and supporting vulnerability and risk management efforts
- Supporting policies, audits, exams, and security awareness initiatives while collaborating with IT, business teams, and vendors
Why Join Us
- Heritage Family Credit Union is a dynamic and member-centric organization committed to making a positive impact on the lives of our members. We believe in delivering not just financial services but fostering meaningful relationships that enhance the overall well-being of our members and communities. With a focus on education, integrity, and community, we strive to be the preferred financial partner for our community.
- Benefits Include:
- Paid time off in addition to paid federal holidays
- Medical, dental, and vision benefits to employees who regularly work 24+ hours a week
- 401k match
- Ongoing training opportunities
- 8 hours of volunteer time with an organization important to you
- Reimbursement each month for Gym membership (up to $25), hobby reimbursement (up to $25) and fresh local foods (up to $25 on a seasonal basis)
Salary Range: $53,524.50 - $66,905.63
Position Title: Information Security Analyst
FLSA Status: Exempt
Department: Information Technology
EEO Code: Professionals
Reports To: Chief Technology & Information Security Officer
Grade: 9
Summary
The IT Security Analyst is responsible for independently executing core information security functions to protect Heritage Family Credit Union’s information assets across on‑premise and cloud environments. This role supports security operations, access control, vulnerability management, risk assessment, and regulatory compliance activities. The IT Security Analyst works cross‑functionally with IT, business units, and vendors to ensure security controls are effective, documented, and aligned with regulatory expectations.
Essential Functions
Security Monitoring & Incident Response
- Monitor, investigate, and respond to security alerts from security tools (e.g., SIEM, firewall, endpoint protection).
- Serve as an active member of the Cybersecurity Incident Response Team (CIRT).
- Assist with incident containment, root‑cause analysis, documentation, and remediation tracking.
- Escalate high‑risk or complex incidents to senior leadership as appropriate.
Access Control & Identity Governance
- Administer and enforce role‑based access controls across systems and applications.
- Perform periodic user access reviews and ensure timely remediation of exceptions.
- Review and approve access requests in accordance with internal policies and procedures.
- Ensure all access changes are properly documented through the help desk system.
Vulnerability & Risk Management
- Perform vulnerability assessments and coordinate remediation efforts with system owners.
- Track remediation progress and report unresolved or high‑risk findings.
- Support application security reviews and vendor risk assessments.
- Assist with enterprise and system‑level risk assessments.
Policy, Compliance & Governance Support
- Maintain and update information security policies, standards, and procedures.
- Support regulatory examinations and internal/external audits by preparing evidence and documentation.
- Ensure security requirements are incorporated into projects, system changes, and vendor engagements.
- Assist with maintaining security metrics and reporting.
Security Awareness & Collaboration
- Support phishing simulations and security awareness initiatives.
- Review reported phishing attempts and coordinate appropriate response actions.
- Provide security guidance to IT staff and business users as needed.
Qualifications
Education
- Bachelor’s degree in information technology, Information Security, or a related field required.
Experience
- 2–5 years of experience in cybersecurity, information security, or a related IT role.
- Experience in a regulated industry (financial services preferred).
Certifications (Preferred)
- CompTIA Security+, CISA, CISSP (or progress toward certification).
Technical Skills
- Proficiency with Microsoft Active Directory, Azure/Entra ID, and Microsoft 365.
- Working knowledge of vulnerability management tools and security monitoring concepts.
- Familiarity with FFIEC guidance and general regulatory expectations.
Core Competencies
- Strong analytical and problem‑solving skills.
- Ability to work independently with minimal supervision.
- Strong documentation and business writing skills.
- Sound judgment when handling sensitive or confidential information.
- Ability to collaborate effectively across technical and non‑technical teams.
Physical Requirements
- Ability to sit for extended periods and work primarily at a computer workstation.
- Frequent use of keyboard, mouse, and phone.
Work Environment
- Professional banking environment
BSA/Risk: Employees will ensure adherence to BSA (Bank Secrecy Act) and risk compliance standards in all job responsibilities, maintaining the organization's regulatory integrity and mitigating potential risks
Equal Opportunity Employer
Heritage Family Credit Union is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.