Information Security Engineer

Date posted:

Department:

Information Technology

Location:

Long Island City (HQ) - Queens, NY

Description:

Responsible for assisting with the research, development, implementation and maintenance of systems, solutions, and technologies that ensure the confidentiality, integrity and availability of the organization’s systems as well as member, employee and corporate information.

Accountabilities:

• Primarily responsible for managing UNFCU’s global firewall infrastructure. This includes (a) design and implementation of new firewall rules and modification to existing firewall rules, as approved by the UNFCU management (b) review of all firewall rules to ensure existing rule sets are authorized, necessary and effectively protect UNFCU systems and networks (c) configuration and maintenance of Virtual Private Networks (VPNs) (d) firmware and software upgrades to firewall infrastructure as needed (e) management and timely renewal of support contracts
• Secondary responsibilities include:
o Support of Advanced Threat Protection, Intrusion Prevention, Secure Web Proxy Servers and Network Access Control solutions
o Assist in configuration, analysis and response to Security Information and Event Management (SIEM) systems logging, alerts and notifications.
o Manage hosted security services, including:
 Secure email gateway (encryption, malware and spam protection)
 Distributed Denial of Service (DDoS) prevention services
 Domain name, certificate and reputation management services
• Effectively respond to information security incidents including internal violations, targeted attacks and malware/virus detection/remediation
• Assist and act as escalation point for Service Desk to troubleshoot and resolve potential security systems/infrastructure related service issues and outages.
• Participate in organization wide security risk assessments. Contribute and assist in updating information security policies, architectures, standards, and/or other technical requirement documents.
• Remain current and proactive with emerging technologies and trends pertaining to the Information Security field.
• Develop detailed proposals and plans for new tools and solutions that would enhance security, increase situational awareness or reduce organizational risk. Lead or contribute to implementation, documentation and operational maintenance of approved solutions.
• Serve as a resource to the organization in the realm of information security for any and all projects and advice needed in the advancement of ensuring the security, integrity and availability of the organization’s member, staff and corporate information.
• Interface with Information Technology (IT) staff and end-users regarding the development of security specifications. Consistently seek to identify and implement solutions, which result in increased security awareness for the entire organization.
• Modify processes and procedures to proactively and reactively resolve network and end-user problems, while maintaining a high level of security.
• Implement and maintain all information security infrastructure and services required to enact UNFCU’s Disaster Recovery and Business Continuity plans.
• Advise and assist other departments and the PMO in identifying security issues, creating requirements and evaluating solutions for new and existing products and applications.
• Interact with auditors, examiners, and other regulatory agencies as required.
• Communicate and report security issues, status, and remediation to Management.
• Perform additional tasks as assigned by Management.

Qualifications:

TYPE & AMOUNT OF EXPERIENCE:
• Bachelor’s degree in Information Technology or related field and 5 years experience in IT/Security, including firewall administration and systems/networking support
• Experience independently managing Check Point firewalls and the GAiA operating system
• Check Point Certified Security Administrator (CCSA) certification highly preferred
• Check Point Certified Security Expert (CCSE) and Cisco Certified Network Professional (CCNP) certifications preferred
• Other security certifications such as CISSP, CISM, and CISA are a plus

TECHNICAL COMPETENCIES:
• Ability to independently design, configure, deploy, and troubleshoot firewall rules to ensure security and while allowing authorized communications between systems
• Experience establishing and maintaining site-to-site, client-to-site and SSL VPN’s
• Thorough understanding of networking principles and protocols
• Maintain an understanding of all the systems, solutions, and technologies administered and implemented by the Credit Union for the purpose of Information Security. The systems and technologies include, but not limited to Firewalls, Web Application Firewall, Anti-Malware/ Virus, DDoS, Remote Access, IPS, SIEM, DLP, Encryption, Vulnerability Scanning, Content Filtering, etc.
• Strong understanding of applicable business systems, industry trends and of layered/security in depth principles
• Awareness of accepted Information Security best practices and regulatory requirements
• Familiar with standard concepts, practices, and procedures

BEHAVIORAL COMPETENCIES:
• Ability to independently prioritize work and complete assignments with minimal oversight
• Highly detail orientated and process focused
• Professional communication skills, both verbal and written
• Ability to manage relationships at all levels throughout the organization
• Able to multi-task in a fast paced environment
• Maintain professional appearance
• Willingness to work flexible hours

WORK ENVIRONMENT/CONDITIONS:
• Standard office conditions

In addition to any specific job requirements in connection with Bank Secrecy Act and/or OFAC (BSA), employee must (i) be aware of BSA matters commensurate with the position; (ii) report any suspicious activity to the manager or compliance department; and (iii) satisfactorily complete any required BSA training.