Senior Information Security Analyst

Third Federal is a leading lender of conventional home mortgages lending in 27 states, plus the District of Columbia, with retail branch offices in Ohio and Florida. Our mission is to help people achieve the dream of home ownership and financial security while creating value for our customers, our communities, our associates, and our stockholders. Our value system of love (concern for others), trust, respect, a commitment to excellence, and fun is at the heart of our commitment to our mission, and just as importantly, to our company culture. Through this, we help people find the loan or savings product that makes sense for them.

At Third Federal, you will find strength and stability in your career. In our nearly 90-year history, we have never had layoffs, and have one of the lowest annual turnover rates at 6% (versus an industry average of nearly 19%). We have been certified as a 'Great Place to Work' multiple times in the last decade alone, and have been recognized with several additional workplace awards and recognitions. Because Third Federal associates are the foundation of our success, we take a genuine interest in each of them - from their professional development to their health and wellness.

About the Role

This is a senior-level position within the Information Security team. Responsibilities include monitoring and investigation of alerts, administration of software used by the team, and researching and implementing improvements to our Information Security posture. This position requires 8+ years of hands-on experience in multiple areas of Information Security, and knowledge and skills in areas such as networking, Windows, Linux, and Cloud platforms.

This position will be hybrid at our corporate location in Cleveland, OH (7007 Broadway Ave, Cleveland, OH 44105). The role will be onsite two days per week.

Responsibilities

• Respond to alerts, events, and incidents
• Perform detailed investigation and analysis of events
• Use personal knowledge, skills, and tools to monitor for threats
• Develop and implement monitoring rules and alerts
• During investigations act as the go-to person for junior members of the team
• Troubleshoot and support software and devices used by the Information Security team
• Maintain situational awareness about the entire Information Technology environment at Third Federal
• Regularly provide ideas and recommendations to improve the Information Security posture
• Awareness and understanding of current topics and threats occurring in the Information Security community
• Provide training to other members of the Information Security
• Implement new Information Security tools and products
• Create policies, playbooks, how-to guides, and other documentation
• Act as a technical leader on threat and vulnerability management by reviewing and analyzing vulnerability data to identify trends and patterns. Additionally, collaborate with colleagues in prioritizing vulnerability fixes and developing remediation plans.
• Provide technical guidance on secure system design and configurations
• Collaborate with the rest of the security team to enhance overall security posture
• Proactively hunt for cyber threats and vulnerabilities within the organization's environment
• Analyze security data and logs from multiple sources (DLP, SIEM, EDR tools, etc.) to detect anomalous activity
• Build and improve detection mechanisms to identify malicious behavior
• Perform incident response tasks related to emerging threats and vulnerabilities
• Act as a liaison between security, other technical teams, and the business to align security practices
• Additionally, the role involves participating in cross-departmental security projects, staying updated on industry trends, and advocating for information security through awareness initiatives

Qualifications

• Minimum 8-10 years of experience in an Information Security role
• Experience working with the following :
• Cloud security tools and concepts

Firewalls, IPS, WAF, SIEM, and EDR technologies

• DLP Tools and Technology
• Vulnerability scanning and threat analysis tools
• Email Protection and Phishing solutions
• Hands-on administration with a broad security understanding of one or more products such as anti-malware / anti-virus, firewalls, web proxies, SIEMs, vulnerability scanners, penetration testing, email filtering, DLP, etc.
• Fluency in SIEM systems with proven ability to understand all the inputs / data sources
• Ability and strong understanding of how to monitor networks for security breaches and analyzing network traffic, activity logs and system alerts
• Hands on experience with responding to security events, threats and / or incidents by investigating and analyzing to identify root causes
• Proven ability to prepare reports on security events, incidents and threats
• Ability to protect systems by using and maintaining software like firewalls and data encryption programs to protect sensitive information
• Capable of conducting security assessments, vulnerability testing (scanning) and risk analysis with having key abilities to identify vulnerabilities and assess their risk and impact to the organization
• Proven ability to create documentation for security related plans including incident response and disaster recovery plans
• Strong problem-solving skills to investigate and understand security events
• Ability to think critically and innovatively about the security solutions that can keep data secure
• Understanding of TCP / IP and networking
• Knowledge of best practices and frameworks used in Information Security
• Capable of explaining technical information to both I.T. and non-technical audiences
• Detailed orientated
• Ability to handle multiple projects and prioritize critical work
• Desire to self-educate on the ever-changing landscape of cyber tactics
• Superior written and verbal communication skills
• Bachelor's degree in computer science, information security, or related, preferred
• Certifications such as CISSP, CEH, Security+ etc., preferred
• Experience with Azure and AWS platforms is preferred
• Competitive compensation packages
• Medical, dental, vision, and more
• Exceptional culture and value system
• Strong work / life balance
• Growth opportunities
• Mortgage Discount Program
• Education Reimbursement Program

Third Federal is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, ethnicity, religion, sex, national origin, gender identification or sexual orientation, disability, protected veteran status or any other classification protected under law.

Equal Opportunity Employer / Protected Veterans / Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)

Senior Information Security Analyst • Cleveland, OH, United States