ICCU is seeking a Senior Information Security Analyst specializing in Governance, Risk, and Compliance (GRC). This role will focus on monitoring and assessing cyber and technical controls used by credit union and its partners, along with overseeing and liaising in cyber related audits, assessments, and regulatory exams. ICCU has been voted as “Best Place to Work in Idaho” and offers a deep cyber career path for qualified applicants. While we welcome qualified applicants at all levels of experience for this role, preference will be given for those candidates with:

1. 2+ years’ experience in cyber GRC, including oversight and strong familiarity with cyber security frameworks such as NIST CSF, CIS Critical Controls, FFIEC CAT, SOCII/II, PCI, and similar.
2. 7+ years’ experience in Information Security or equivalent experience in roles with significant information security assignments and functions.
3. GRC related certifications such as the CISSP, CRISC, CISA, CISM, or similar.

The area of responsibility for the Senior Information Security Analyst is to maintain and improve the security posture of the Credit Union. The Senior Information Security Analyst position is responsible to:

1. Help ensure that Idaho Central Credit Union is secure through the development and implementation of best practices.
2. Provide information security thought leadership and risk-based security requirements.
3. Assess and oversee the technical and cyber controls set forth by the Idaho Central Credit Union Security Program.

• • Work with IT Management to develop and update the Idaho Central Credit Union Security Program, including relevant policies and procedures.
  • Have oversight and ownership of cyber GRC functions within key GRC systems.
  • Conduct and oversee the enterprise cyber risk management program.
  • Conduct Third Party Risk Management (TPRM) cyber assessments.
  • Oversee the credit units vulnerability management and assessment program.
  • Conduct, coordinate, and liaise with internal and external IT audits, assessments, and regulatory exams.
  • Oversee and manage the information security teams cyber controls assessment calendar.
  • Develop, propose, and coordinate the credit unions cyber awareness training program.
  • Conduct some cyber operational activities as assigned.
  • Other duties as assigned.

This position will fill an Information Security Analyst III or potentially an Information Security Analyst II role based on qualifications and experience.  Please refer to specific qualifications for each level.

Information Security Analyst II

A qualified candidate will have a bachelor’s degree in Computer Science, Computer Information Systems or engineering/math field of study. Additionally, a Master’s Degree or equivalent experience is required in computer related field such as Computer Science, Computer Security or Software Development. CISSP Certified, SANS GSEC Certification, or equivalent is required. 5-7 Years of work experience in the Information Security field. Ability to communicate with Executive Management, Credit Union personnel and communicate effectively through customized reports. Ability to always maintain confidentiality of Credit Union and member records.

Senior Information Security Analyst

A qualified candidate will have a bachelor’s degree in Computer Science, Computer Information Systems, or engineering/math field of study. A master’s degree in a computer related field such as Computer Science, Computer Security, Software Development, or equivalent experience is required. CISSP, SANS GSEC Certification, CISM, CRISC, GIAC Enterprise Defense (GCED), or equivalent certification is required. 7-11 Years of work experience in the Information Security field. A demonstrated ability to successfully lead and execute complex projects that require the contribution of other individuals to complete. Ability to communicate with Executive Management, Credit Union personnel and communicate effectively through customized reports. Ability to provide thought leadership in Information Security throughout the Credit Union. Ability to always maintain confidentiality of Credit Union and member records. High level understanding of technologies used in the Financial Industry sector.

Performance Standard:

A demonstrated ability to solve complex problems. Ability to research, understand and report on high level security issues. Attention to detail on many concurrent projects and initiatives. A demonstrated cooperative and positive attitude toward members and other Credit Union staff. Ability to work without supervision and lead in key areas of the information security program. Must be willing to comply with the Bank Secrecy Act and USA Patriot Act as implemented by Idaho Central Credit Union.

Additional Physical Requirements:

• Ability to work all hours of the day onsite and remote.

Physical Requirements:

• Perform tasks requiring manual dexterity (processing paperwork, filing, stapling, sorting, collating, typing, counting cash, etc.).
• Sit for extended periods of time.
• Lift 20-40 pounds of applicable supplies including but not limited to copy paper, cash drawers, marketing material, etc.
• Repetitive motion using wrists, hands, and fingers.
• Reach keyboards.
• Ability to operate basic office machines (calculator, computer, telephone, copy machine, fax machine, etc.).

The above statements reflect the general details considered necessary to describe the essential functions of the job and should not be construed as a detailed description of all the work requirements that may be inherent of the job.

Must be eligible for membership at Idaho Central Credit Union to obtain employment.

Idaho Central Credit Union is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, age, disability, protected veteran status or other characteristics protected by law.