Your browser cookies must be enabled in order to apply for this job. Please contact if you need further instruction on how to do that.

Information Security Specialist

IT | San Francisco, CA | Full Time

Job Description



POSITION: Information Security Specialist

DEPARTMENT: Information Security & Risk Management (ISRM)

REPORTS TO: Information Security Manager



Position Summary

The Information Security Specialist is responsible for the ongoing administration, deployment, development and maintenance of San Francisco Federal Credit Union’s (SFFedCU) security infrastructure. Responsible for maintaining a good enterprise security posture for the Credit Union. Actively supports the information security program by ensuring compliance with the regulatory standards and best practices. All employees of San Francisco Federal Credit Union are proactive, results driven and fully committed to the Credit Union’s mission and vision by striving to achieve the highest standards of excellence and consistently exceeding the expectations of member, team and community experiences. They are also enthusiastic and willing ambassadors of the Credit Union through participation in CommunityShare projects and initiatives.


Essential Functions and Responsibilities


Network Security Administration

  • Development and deployment of technical information security controls to help mitigate security risks and automate repeatable procedures.

  • Performs the integration and initial configuration of all new security solutions and of any enhancements to existing ones.

  • Maintaining the configurations of content of various security solutions/tools in alignment with the Security strategy of the Credit Union

  • Identification of new and emerging threats and development of mitigation plans

  • Incident response, mitigation and reporting

  • Support processes to monitor the effectiveness, and optimize the capabilities, of the security tools being used by the Credit Union

  • Develop innovative monitoring and detection solutions using the enterprise available tools and other skillsets such as scripting

  • Work with system/business owners and other stakeholders to find innovative ways to solve or improve existing production security issues

  • Responsible for the scheduled vulnerability scans and review of findings with clear precise remediation support

  • Tier 2 escalation from contracted SOC services

  • Responsible for malware analysis and threat modeling


Security Architecture & Governance

  • Prepare, document and maintain standard operating procedures and technical references for security solutions/tools

  • Monitor adherence to the architecture and system-wide policies

  • Participates in the planning and design of an enterprise Business Continuity and Disaster Recovery plan, under the direction of the Manager

  • Actively involved in the Security awareness program

  • Maintains up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors

  • Actively collaborates with IT department staff to identify and eliminate root causes of process and technology inefficiencies



Knowledge Skills and Abilities

  • Proven experience in building and maintaining security systems

  • Deep knowledge of IT core infrastructure and cybersecurity components/devices

  • Thorough understanding of the latest security principles, techniques and protocols

  • Strong experience with penetration testing, vulnerability scanners and vulnerability management

  • Strong hands-on experience working with security systems, including firewalls, intrusion detection systems, anti-virus software, data loss prevention, authentication systems, log management, content filtering, etc.

  • Deep knowledge of diverse operating systems, networking protocols and system administration

  • Deep knowledge of log, network and system forensic solutions

  • Working knowledge of malware analysis and threat modeling

  • Experience aligning technical controls with NIST CSF objectives.

  • Ability to work with staff and members in a professional, approachable, and positive manner

  • Excellent problem solving, critical thinking and analytical skills

  • Strong communication skills – written and verbal

  • Must be able to work independently as well as in a team oriented environment

  • Ability to work weekends and evenings when needed

  • Ability to effectively manage multiple tasks and deadlines simultaneously

  • Demonstrates commitment to self-improvement by taking the initiative of learning new skills, systems and procedures as well as taking advantage of the continuous education opportunities within and outside of the Credit Union


Background Education and Experience

  • Bachelor’s degree in Computer Science, IT Security or technology related field or related experience

  • A minimum of 5 years’ experience in networking and security systems (preferably in a credit union or bank)

  • Network and Security vendor certifications (CCNP, OSCP, GIAC, CISM, CISSP etc.) will be an added advantage

  • Experience with scripting (Perl, Python, Ruby etc.) will be preferred.


Physical Requirements, Reasonable Accommodation and Work Environment

All reasonable accommodations will be made to ensure a safe and functioning working environment for

those individuals who will require such accommodations

• Ability to stand, bend, stoop, sit, walk, twist, turn and drive

• Ability to lift up to 50 pounds

• Ability to use a computer keyboard, calculator, and mouse

• Work environment is indoors; majority of the time is spent sitting at a desk



EEO Statement

SFFedCU does not discriminate in employment opportunities or practices on the basis of race, color, religion, creed, sex, national origin, age, disability, marital status, pregnancy, childbirth, breastfeeding or related condition, ancestry, medical condition including genetic characteristics, veteran or military status, sexual orientation, gender expression, any persons holding an undocumented “AB” 60” driver’s license, or any other characteristic protected by law. This provision also includes the perception that anyone has any of the above characteristics, or is associated with a person who has or is perceived as having any one of these characteristics. All such discrimination is unlawful.


DISCLAIMER* This job description is not an exclusive or exhaustive list of all job functions that an employee in this position may be asked to perform from time to time. All employees are to maintain a positive work atmosphere by acting and communicating in a manner so that you get along with customers, clients, co-workers, and management.