Job Description

Job Title: Information Security Analyst
Job Location: Oregon


  • Implement, and administer the life cycle of information security systems, including, but not limited to: vulnerability scanners, Security Information Event Management (SIEM) systems, antivirus solutions, and physical and virtual testing environments
  • Develop, document, and maintain procedures for assigned information security systems
  • Research information security best practices, vulnerability/exploit trends, and new information security technology
  • Investigate and mitigate information security-related incidents, including suspected or confirmed system intrusions and other information security related activity in accordance with adopted policies and procedures
  • Regularly collaborate and coordinate with information security analysts at local and partner credit unions regarding information security trends, product evaluations, information security controls, new technologies, and ISP concerns
  • Participate in industry collaborative efforts to monitor and discuss emerging information security threat intelligence
  • Collaborate with business units regarding the information security risk within business unit activities, and recommend risk mitigation options that align with credit union policies and Information Security Program (ISP)
  • Participate as a key member of the Cybersecurity Incident Response Team (CSIRT), to include coordinating yearly cyber incident response testing and documenting the results and lessons learned
  • Provide regular, ongoing physical and information security training for all employees
  • Tests information security controls regularly, including remediation verification testing
  • Administer and maintain an enterprise-wide information security vulnerability scanning regimen
  • Recommend changes to the Information Security Program (ISP) based on needs and/or best practices
  • Function as the information security Subject Matter Expert (SME), including but not limited to providing information security risk expertise toward information system risk assessment activities and participating in the evaluation process for new software and hardware systems
  • Lead the effort and coordinate with IT to complete the FFIEC Cybersecurity Assessment Tool (CAT) annually
  • Apply basic investigative techniques, including interviewing, validating factual information, and preparing clear and concise reports, written and oral
  • Actively engage and communicate with internal, external, and potential members in a friendly, professional manner in person, over the phone, and via e-mail
  • Adhere to federal and state regulations, the company's policies, and other compliance obligations
  • Consistently achieve stated goals
  • Actively participate in security, disaster recovery, fire training, and other meetings and training as requested
  • Demonstrate leadership skills and maintain Corporate Values, Mission Statement, and Service Promises
  • Represent the company with a high level of integrity and professionalism
  • Research, resolve and/or communicate issues and potential problems to management and/or other business units
  • Adapt to and endorse change to support the company's goals and direction

Required Qualifications:

  • Excellent written and oral communication skills
  • Ability to communicate effectively and project a professional image when giving and taking information in writing, in person, and over the phone
  • Ability to effectively present information to top management, internal groups, and/or outside parties
  • Strong interpersonal skills with the ability to work effectively with individuals and groups at all organizational levels
  • Ability to work independently and as part of a team
  • Ability to read, analyze, and interpret common security and computer industry publications and technical journals and regulations
  • Ability to respond to maintain composure while under pressure
  • Ability to define problems, collect data, establish facts, and draw valid conclusions
  • Ability to interpret extensive variety of technical instruction in diagram form and deal with several abstract and concrete variables
  • Ability to take initiative, assume responsibility, and prioritize tasks
  • Good time-management, organizational, problem-prevention, and problem-solving skills
  • Willingness and ability to adapt to changing business needs and deadlines
  • Ability to maintain confidentiality of sensitive information
  • Possess a work ethic that includes neatness, punctuality, and accuracy
  • Exhibit a professional, business like appearance and demeanor
  • Ability to concentrate in environment with background noise and complete or resume tasks despite interruptions
  • High School Diploma or equivalent
  • At least two years of Information Security experience including use of information security tools and activities (e.g., vulnerability scanning, IDS/IPS, port scanning, penetration testing and remediation, malware analysis, and security alert investigation)
  • At least five years of Information Technology experience
  • Certified Information Systems Security Professional (CISSP), or similar certification (e.g. GIAC, CEH)
  • Valid Driver’s License
  • Must be bondable

Preferred Qualifications:

  • Bachelor’s degree in Computer Science, Information Technology, or related field
  • Programming experience (e.g. PowerShell, Python, PERL)

QBH#: 2122

Application Instructions

Please click on the link below to apply for this position. A new window will open and direct you to apply at our corporate careers page. We look forward to hearing from you!

Apply Online