YOUR LIFE'S MISSION: POSSIBLE
You have goals, dreams, hobbies and things you’re passionate about.
What’s Important to You Is Important to Us
We’re looking for people who not only want to do meaningful, challenging work, keep their skills sharp and move ahead, but who also take time for the things that matter to them—friends, family and passions. And we're looking for team members who are passionate about our mission—making a difference in military members' and their families' lives. Together, we can make it happen.
Don’t take our word for it.
The Information Security Engagement Analyst is a key role to advance the resiliency of Navy Federal systems and has experience and expertise in one or more sub-specializations of security (such as Cloud Computing). The core function of this role is: to analyze, design, implement, monitor and support an enterprise-wide technical architecture focusing on information security. To conduct analysis of critical information security systems, network architectures and infrastructures to detect information security deficiencies and provide complex problem resolution. A deep knowledge of information security leading practices is crucial to execute tactically in support of larger strategic efforts.
Engagement, contributions, and communication
• Designs, implements, supports and maintains operational security policies and security solutions based on security standards and best practices. Analyzes, evaluates and determines security risks for submitted requests. Participates reviewing and analyzing internal projects that may have an impact on information security. Participates in reviewing and analyzing external connectivity issues that may impact security of Navy Federal and customers’ information. Coordinates with and supports information security efforts and provide guidance on risks and vulnerabilities related to common application protocols and Web services security. Understand and advise on data governance approach for security concerns including encryption, confidentiality, authentication, privacy, etc.
• Supports a security philosophy of risk mitigation through proactive security awareness training, cost effective countermeasures, host-level security and security planning/integration. Assists in ensuring currency and authentication, encryption, and intrusion detection methods. Identifies and correlates security data and information technology and security risks.
• Serves as a consultant for security issues across Information Services, with an emphasis on Cloud. Evaluates problem, identifies the root causes, coordinates resources, determines temporary measures and/or permanent solutions and recommends and/or implements measures to restore full services. Escalates and works with Manager or leadership to resolve more complex situations and/or challenges.
• Participates in new technology evaluations and implementations of information security systems. Researches and evaluates impact of the implementation of new security measures, systems and technologies into the corporate infrastructure, ensuring security best practices are met. Maintains network security knowledge by investigating new state-of-the-art technologies and methodologies, attending educational workshops, reviewing technical publications, performing technical hands-on evaluations and making recommendations to Information Security management. Maintains technical certifications in enterprise-wide information security competencies, network operating systems, network configuration, and tools development languages.
• Participates in the design and development of training for technical staff on information security technologies, methodologies, and best practices. Participates in the development of maintenance of formal documentation and procedures for information security architecture.
• Performs other related duties as assigned
Qualifications and Education Requirements:
Minimum Knowledge & Skills Required:
• Bachelor's degree required (or equivalent background of work experience and military service)
• Experience that demonstrates knowledge and skill of information security technology
• Experience that demonstrates knowledge of information security analysis and design techniques
• Experience that demonstrates knowledge of data security practices and procedures, including risk assessment, authentication technologies, and security attack pathologies
• Experience in project planning and resource management
• Effective planning and organizational skills
• Effective research, analytical and problem solving skills
• Effective verbal, written and interpersonal communication skills, including skill in negotiating and persuading others
• Ability to present findings and conclusions clearly and concisely
• Knowledge of NCUA and FFIEC regulations, GLBA, PCI, and other information security requirements and NIST and ISO frameworks
• Knowledge of Cloud infrastructure and security frameworks for IaaS, PaaS, and SaaS configurations
Desired Qualifications and Education Requirements:
• Knowledge of Navy Federal operations
• Strong knowledge of the financial services industry
• Proficient industry knowledge: CISSP, CISM, and other security certifications preferred
• Proficient industry standards as shown by certifications: (ISACA, NIST, COBIT, COSO, ITIL)
• Experience (and preferably certification) in agile methods and ways of working
• Azure, AWS, and/or other Cloud certifications (preferred: AZ 500 certification)
Hours: Monday - Friday, 8:00am - 4:30pm
Location: 820 Follin Lane, Vienna, VA 22180
Equal Employment Opportunity
Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/Disability
Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position.
Bank Secrecy Act
Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.