|
Connexus Credit Union - Who We Are: Serving members across all 50 states, Connexus Credit Union is a member-focused cooperative that is proud to return profits to member-owners through high yields for checking accounts and deposit products, as well as competitive rates on our loans. We are a remote first employer with the majority of our employees residing in the upper Midwest. As an employer we foster collaboration and high performance to achieve excellence. We holistically care for and develop our employees to thrive personally and professionally. We are proud to share our success with our employees and those we serve. Connexus offers an Amazing Benefits package:
25 days of paid time off and 8 paid holidays 16 hours of paid Volunteer Time Off 401K Retirement with up to 6% employer match Excellent Health, Dental, Vision insurance, including multiple plan options Health Savings Account with generous employer contributions Employer paid Life insurance, Short-Term and Long-Term Disability Tuition Reimbursement from $4,000 - $7,000 per calendar year Robust Learning and Development program that includes an annual professional development stipend
About the Role: Information Security Risk Analyst II is tasked with identifying, assessing, and managing security risks. This role requires expertise in cybersecurity, risk management, and regulatory compliance, coupled with a strong grasp of offensive tactics. The ideal candidate will take ownership of risks and collaborate effectively with the Information Security team across the organization. What the Analyst will do: Risk Assessment and Analysis:
Policy Development:
Compliance and Audits
Identity and Access Management
Training and Awareness:
Collaboration and Communication:
Communicate risk assessment findings and recommendations to stakeholders and senior management. Demonstrate ownership of risks that includes communicating the business impact, performing risk assessment, prioritizing the risk, getting consensus with stakeholders, managing remediation/acceptance, and tracking over time.
Responsibilities: Security Operations & Administration
Monitor, triage, and perform initial investigations on security alerts from various security systems Serve as second escalation point for 3rd party SOC/MDR provider and level 1 analysts Assist with investigative forensics to collect and retain evidence(s) related to security incidents Assist in tuning efforts to improve detection engineering capabilities and reduce security alert false positive rate(s) Develop and maintain security incident response runbooks/playbooks based on historical security incident investigations and latest best practices for various threat type(s) Assist with vulnerability remediation activities in partnership with IT operations team(s) Serve as initial point of contact for internal customers, assisting with security tooling and standards adoption as needed Assist in metrics and report generation based on security threats and other activities as needed Provide support in the investigation and remediation of potential threats and assists with general information system control reviews, risk, and vulnerability assessments to identify weaknesses and assess the effectiveness of existing controls, recommends remedial action as needed. Provide threat and vulnerability analysis as well as security advisory services
Security Governance, Risk & Compliance
Assist and support federal exam/3rd party audit efforts by gathering and compiling requested evidence(s) Assist and support rollout of technical hardening controls (CIS benchmarks, golden image mgmt., secure environment configurations, etc.) driven by internal policy and compliance initiatives Report on technical control gaps across applications/systems and assist in driving remediation efforts via IT Exceptions process Support the technology risk assessment process with the goal of ensuring alignment with the organization's risk tolerance and risk profile Assist in developing and delivering security awareness training, development of information security documentation and the maintenance and testing of disaster resiliency strategies and procedures. Support activities to assess adherence to the information security policies and procedures Support security-based risk assessments of business and technology sponsored projects and initiatives, including engagements with third parties.
Security Architecture & Engineering
Assist and support system design and implementation for security programs and tooling Assist and support workflow, process, and procedural development and maintenance efforts relating to security tooling and initiatives Provide Information Security guidance through all phases of a project when identified as a necessary resource to design/build/run, improve or maintain software, systems and processes. Conduct periodic reviews of deployed security technologies to ensure that the solutions continue to provide the intended protections efficiently and effectively.
Other Responsibilities
Perform continuing education as needed on latest security threats, best practices, and emerging technologies Comply with all Federal Regulations as they pertain to your job duties, including BSA.
Position Requirements:
This position is Remote. Associate's degree or commensurate experience is Required. One or more of the following security certifications: GSEC, GCLD, CISSP, CISA, GCIH, Security+ is Required. 5+ years of experience within Information Security is Required. Strong knowledge of cloud environments and cloud security is Required. Experience with securing Windows operating systems is Required. Experience with securing Linux operating systems is Required.
Connexus Credit Union's Employer Recognitions:
2024 Best in Class Employer, Gallagher 2025 Best Place to Work in IT, Computer World
Equal Opportunity Employer/Disabled/Veterans/41 CFR 60-1.4, 41 CFR 60-1.35
|
Connexus Credit Union
life insurance, vision insurance, paid time off, paid holidays, tuition reimbursement, 401(k)
Aug 04, 2025