Information Security Engineer

Financial Partners Credit Union

Costa Mesa, CA

JOB DETAILS
SKILLS
Access Control, Analysis Skills, Antivirus, Authentication, Automation, Best Practices, CISSP - Certified Information Systems Security Professional, Cloud Computing, CompTIA Security+, Computer Science, Computer Security, Corporate Policies, Credit Union, Documentation Standards, Enterprise Protection, Finance, Financial Systems, Firewalls, Hardware Installation, Identity Data Management, Incident Response, Information Technology & Information Systems, Information/Data Security (InfoSec), Internet Security, Intrusion Detection and Prevention (IDP), Law Enforcement, Leadership, Maintain Compliance, Microsoft Product Family, Network Integration, Network Routers, Network Security, Network Switching, Network Systems, OAuth, OpenID, Privacy Controls, Protective Services, Regulations, Research Skills, Risk Analysis, Risk Management, SSL-TLS (Secure Socket Layer - Transport Layer Security), Security Analysis, Security Assertion Markup Language (SAML), Security Information and Event Management (SIEM), Security Infrastructure, Security Monitoring, Security Protocols, Software Installation, Standard Operating Procedures (SOP), Standards Development, Team Player, Technical/Engineering Design, Trend Analysis, U.S. National Institute of Standards and Technology (NIST), VPN (Virtual Private Network)
LOCATION
Costa Mesa, CA
POSTED
9 days ago


PURPOSE OF JOB:

Under the direction of the VP Information Security & Data Privacy, the Information Security Engineer will be responsible for the implementation, maintenance, and integration of our identity security capabilities while contributing broadly across our information security program. 

This individual will be responsible for building and maturing identity governances, including user provisioning and access reviews, while also partnering across teams to strengthen network security controls, data protection and enterprise security posture. 


ESSENTIAL RESPONSIBILITIES:

  1. Design, engineer, implement, maintain, and monitor security measures for the protection of the FPCU network and systems. Devices will include routers, switches, firewalls, intrusion detection/prevention, antivirus, SIEM, VPN, SSL and other security components.
  2. Performing analysis of security needs and contributes to design, integration, and installation of hardware and software.
  3. Ensure cyber security best practices are implemented and followed. Maintains compliance with all guidelines and regulations such as FFIEC, NIST, GLBA, and any other relevant regulations.
  4. Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends.
  5. Responds to information systems security incidents and vulnerabilities including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access and policy breaches; interacts and coordinates with third-party incident responders including law enforcement.
  6. Monitor and analyze changes in the threat and regulatory landscape to assess organizational risk; develop and execute risk mitigation and compliance strategies, including self-assessments and third-party evaluations, while contributing to the development and maintenance of information security governance frameworks (policies, standards, procedures, and guidelines).
  7. Develop and implement security solutions, tools, and automations, while contributing to the creation and documentation of standard operating procedures and security protocols.
  8. Design, implement, and manage enterprise identity and access management capabilities, including identity governance, lifecycle automation, privileged access, and authentication controls, to enforce least privilege access and strengthen organizational security posture.
  9. Performs other related duties as required.
  10. We share a collaborative obligation to ensure that we conduct ourselves in the utmost ethical manner and that we hold each other accountable to the values and standards of the organization. Every Partner has the responsibility to ask questions, seek guidance, and report concerns and/or violations of company policy or ethical standards. Financial Partners has several processes in place to communicate with leadership and expects that partners will have a commitment to integrity and uncompromising values.
  11. All areas of responsibility are essential to the satisfactory performance of this position by any/all incumbents, with reasonable accommodation, if necessary. Any non-essential functions are assumed to be included in other related duties as assigned.

 

KNOWLEDGE & EXPERIENCE: 

  • Bachelor’s degree in computer science, information security, or related field, or equivalent practical experience. 
  • 5+ years of experience in information security, with a strong focus on identity and access management.
  • Experience conducting or supporting information security risk assessments across IT environments.
  • Experience developing or contributing to security policies, standards, and governance frameworks.
  • Experience designing and implementing user life cycle management including user access reviews.
  • Experience implementing and managing privileged access management (PAM) solutions and controls.
  • Knowledge of Secure Access Service Edge (SASE) concepts, including the integration of network and security services such as secure web gateways, zero trust network access (ZTNA), and data protection controls to securely enable access to applications and resources.
  • Strong understanding of modern authentication and authorization protocols (e.g., SAML, OAuth, OpenID Connect)
  • Experience implementing and managing Microsoft cloud security and identity platforms.
  • Working knowledge of cloud security principles and identity integration within cloud environments.
  • Ability to conduct research into issues and products as required.
  • Knowledge of credit union operations and financial industry systems preferred.


CERTIFICATES, LICENSES, REGISTRATIONS:

Any security or relevant certifications (e.g., CompTIA Security+, Microsoft SC-300, CISSP) are strongly desired. 

 


About the Company

F

Financial Partners Credit Union