ISD Analyst II/III (Desktop Risk Mitigation)

Company: Navy Federal Credit Union
Location: Pensacola
Posted on: May 26, 2023

Job Description:

YOUR LIFE'S MISSION: POSSIBLE You have goals, dreams, hobbies and things you're passionate about.What's Important to You Is Important to UsWe're looking for people who not only want to do meaningful, challenging work, keep their skills sharp and move ahead, but who also take time for the things that matter to them-friends, family and passions. And we're looking for team members who are passionate about our mission-making a difference in military members' and their families' lives. Together, we can make it happen.Don't take our word for it.* Military Times 2022 Best for Vets Employers* Yello and WayUp Top 100 Internship Programs* Forbes 2022 The Best Employers for New Grads* Fortune Best Workplaces for Women* Fortune 100 Best Companies to Work For* Fortune Best Place to Work for Financial and Insurance Services* Computerworld Best Places to Work in IT* Ripplematch Campus Forward Award - Excellence in Early Career HiringBasic Purpose As an Analyst for Desktop Risk Mitigation, you will be responsible for mitigating risks to increase NFCU's security posture, which includes ensuring the timely coordination of desktop hardware and software patch remediation for known and/or potential vulnerabilities. You will support desktop compliance and remediation activities pertaining to audit, risk, and vulnerability management within the Navy Federal Credit Union environment. You will be part of a remarkable and hard-working IT team who apply their desktop and information security expertise to research and analyze workstation compliance and vulnerability data to help remediate and bring devices back into compliance in an efficient and timely manner.Responsibilities* Support ISD efforts to continuously evaluate workstation security, data vulnerability, business continuity, and compliance risks* Perform comprehensive analysis of vulnerability scan results, assign ownership, and perform remediation efforts* Review, file, and oversee Issue management and security/policy exceptions to ensure compliance with Information Security standards* Coordinate with stakeholders, management, and other groups to plan, and ensure corrective actions are implemented to address identified vulnerabilities within SLAs* Provide support to address issues and escalations related to vulnerability findings, breaches, and/or remediation plans* Determine the root cause for vulnerabilities by type and how to improve the front-end processes to reduce the impact of future scans* Research and analyze outstanding patches and perform patch remediation.* Research and remediate non-compliant devices and configuration items to bring devices back into compliance* Diagnose issues through technical analysis of Navy Federal hardware/software assets* Assess operational procedures (or lack thereof), identify hazards, recommend, and implement controls, and monitor those controls* Review, track and manage various audit, risk & vulnerability assessments for the department; Review results of audit, risk, and vulnerability assessments, and establish mitigations* Collaborate with Information Security and respond to risk and vulnerability assessments for desktop applications and operating systems* Document standard operating procedures for installations, configurations and/or administrative tasks* Develop metrics and reporting; performs data analytics and trend analysis to measure performance and identify improvement opportunities* Perform qualitative and quantitative analysis using analytical techniques, tools, models, and simulation.* Prepare reports and presentations for senior management.* Train team members and/or peers on functional processes and procedures.* Full life-cycle project management o Establish and lead project teams o Develop project plan/scope/schedule/cost/communications o Procure and/or manage resources/timelines/deadlines/quality o Risk, Issue, and Change management o Ensure successful project implementation o Scope of responsibilityQualifications * Bachelor's degree in Business Administration, Information Technology (IT), Risk Management, Cybersecurity or related field, or the equivalent combination of education, training, and experience* 3 years' IT/ Information Security work experience in a risk and vulnerability management capacity* 3 years' experience with ServiceNow Vulnerability Response, ServiceNow Issue Management, and Rapid 7 and/or Tenable* 5 years' experience with SharePoint, Microsoft Word, Microsoft Excel, Power BI, MECM (Microsoft Endpoint Configuration Manager), Defender for Endpoint, and other Microsoft owned applications* 3 years' experience with Jamf, and MacOS systems* Significant experience in diagnosing and troubleshooting IT system issues and presenting technical solutions and/or recommendations* Advanced knowledge of technical inter-relationships between software/hardware and desktop/LAN/Host systems* Experience reviewing and analyzing vulnerabilities, assessing the level of risk, and ability to provide reasonable recommendations for remediationExperience with manipulating large sums of vulnerability and compliance data, and in the execution of risk mitigations* Strong experience in MS Excel pivot tables, data analytics, evaluating team productivity and performance metrics, ServiceNow dashboards, and other related tools and reporting.* Experience with network security concepts and principles and endpoint operating system security.* Experience in multiple platforms Citrix, Windows, & MAC* Practical working knowledge of coding practices, and automation* Experience in project management, coordination, user testing, and meeting facilitation.* Effective communication and documentation skills to write technical and end-user documentation* Experience in establishing and/or driving process improvement or re-engineering, i.e., Kaizen.* Strong experience with development and/or operations framework methodologies, including Information Technology Infrastructure Library (ITIL), Systems Development Life Cycle (SDLC), etc.* Advanced organizational, planning, and time management skills with the ability to prioritize and execute.* Ability to work independently and in a team environment* Ability to guide, and mentor less experienced staff* Excellent written and verbal communication skills, especially experience with executive-level communications* Advanced research, analytical, and problem-solving skills; ability to apply professional-level functional knowledge to identify and solve complex problemsDesired Qualifications* CISSP and/or GIAC certification(s)* System/Process Automation (Orchestration) experience* Experience implementing systems/applications using Agile/Scrum* Master's degree in Business Administration, Information Technology, Risk Management, Cybersecurity, or related fieldHours: Monday - Friday, 8:00AM - 4:30PMLocation: 820 Follin Lane, Vienna, VA 22180 - 5550 Heritage Oaks Dr. Pensacola, FL 32526 - 141 Security Dr. Winchester, VA 22602 Navy Federal is now hybrid! Our standard enterprise requirement for a hybrid schedule is to report on-site 4-16 days each month. The number of days reporting on-site will ultimately be determined by the employee's leadership and business unit needs. You will learn more throughout the hiring and on boarding process.Salary Range: $85,500 - $146,300 annuallyNavy Federal Credit Union assesses market data to establish salary ranges that enable us to remain competitive. You are paid within the salary range, based on your experience, location and market position.Posting End Date: 06/11/2023Job postings are subject to close early or extend out longer than the anticipated closing date at the hiring team's discretion based on qualified applicant volume.#LI-Hybrid Equal Employment Opportunity Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/DisabilityDisclaimerNavy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position.Bank Secrecy ActRemains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.

Keywords: Navy Federal Credit Union, Pensacola , ISD Analyst II/III (Desktop Risk Mitigation), Professions , Pensacola, Florida