Cybersecurity Engineer

STCU is consistently rated one of the top-performing credit unions in the nation, and has been named one of Fortune Magazine’s Great Places to Work. We look for employees who have a strong desire to serve others, are lifelong learners, are committed to working hard, have a fun-loving attitude, and who want to make a difference in our members’ lives. We love people who share our core values: Joyfulness, generosity, belonging, goodness, and striving. We believe in being a force for good in the community, while helping members achieve their financial goals and dreams.

STCU offers excellent benefits: 
•  Paid time off—plus 11 paid holidays!
•  Medical, dental, vision and life insurance 
•  Flexible schedules and remote-work opportunities
•  Training and career development
•  Success sharing plan
•  401(k) matching contributions
•  Tuition reimbursement

An overview of the benefits can be found here.  
Salary range: $48.43 - $67.80 per hour

*Must currently live in Washington, Idaho, Oregon, Florida, Texas, or Wyoming and able to work 8am - 5pm Pacific Time Zone*

The Cybersecurity Engineer is responsible for the secure design and implementation of STCU’s cloud and physical infrastructure and services to meet organizational strategic initiatives. The position will provide practiced guidance based on current best practices and industry standards to ensure STCU employs controls that are consistent with the STCU risk appetite and sufficient to maintain the confidentiality, integrity and availability of STCU resources.

Core Job Requirements/Outcomes

• Design and implement a secure STCU technology infrastructure by applying practiced and proven methodology based on industry best practices.
• Ensure secure deployment and maintenance of STCU’s cloud and on-premises infrastructure while facilitating completion of strategic objectives by serving as the subject matter expert on security and an engaged mentor for IT peers.
• Provide clarity and consistency in infrastructure deployment expectations by creating and communicating documentation of standards and guidelines regarding required controls and monitoring.
• Facilitate efficiency and automation for secure operations by utilizing technology to create deployment templates that enforce a standard subset of controls as guardrails for new implementations.

Other Essential Functions

• Provide expert guidance and direction in the completion of organizational initiatives by exhibiting a high level of awareness and knowledge regarding cybersecurity trends, best practices and methodology.
• Regularly engage with other IT departments to ensure integration of Cybersecurity best practices within STCU systems, software development, and processes to promote the continuous integration of cybersecurity within business strategies and requirements.
• Provide clarity and consistency in infrastructure deployment expectations by creating and communicating documentation of standards and guidelines regarding required controls, sufficient logging and appropriate monitoring.
• Perform escalated incident response to contain, investigate, and prevent security breaches by promptly responding to and investigating events and potential incidents.

Education: Bachelor’s degree in Computer Science or related field is required. An equivalent combination of education and experience may be considered lieu of the degree requirement.

Job Experience: Minimum five years’ experience managing and securing cloud and/or physical infrastructure in a midsize organization.

Certifications: At least three security-based certifications. At least one must be Azure security related at the intermediate level (ex. SC-300, SC-200, AZ-500). A minimum of one currently active standardized Cybersecurity industry certification. (From: GIAC, ISC2, ISACA, EC-Council). One additional standardized professional certification from above or from an STCU utilized vendor.

Software Skills: Demonstrated knowledge of application and operating system hardening, vulnerability assessments, security audits, penetration testing, TCP/IP and UDP operation and analysis, intrusion prevention systems, firewalls, VPNs, and other security control systems. Proven knowledge of various operating system implementations including Windows, Linux, and virtualization technology.

Physical Demands: Must be able to regularly talk, hear and operate a computer, keyboard and mouse and occasionally lift, pull/push and carry up to 20 pounds with accommodations.

Work Conditions: Exposure to constant or intermittent sounds at a low or moderate level consistent within an office setting. Exposure to high-stress, fast-paced, deadline-oriented environment. This role is part of an on-call rotation with <1hr response time.

Ready to apply? Click on I'm interested!