This job posting is no longer active

Senior Cyber Action Officer

Location: FL Pensacola - Operations Full/Part Time: Full-Time Regular/Temporary: Regular

Job Description


You have goals, dreams, hobbies and things you’re passionate about.

What’s Important to You Is Important to Us
We’re looking for people who not only want to do meaningful, challenging work, keep their skills sharp and move ahead, but who also take time for the things that matter to them—friends, family and passions. And we're looking for team members who are passionate about our mission—making a difference in military members' and their families' lives. Together, we can make it happen.

Don’t take our word for it.

  • FORTUNE 100 Best Companies to Work For®
  • Computerworld® Best Places to Work in IT
  • FORTUNE® Best Workplaces for Millennials
  • Forbes® America’s Best Employers


Basic Purpose

The Cybersecurity Operations Center (CSOC) Incident Response & Monitoring (IRM), Cyber Action Group (CAG) provides operational oversight to all cybersecurity training exercises across the NFCU Enterprise.  In addition, the CAG is NFCU’s lead element when participating in external cybersecurity training exercises.  The CAG is responsible for maintaining the Enterprise Incident Response (IR) plan and will ensure all stakeholders understand their roles and responsibilities.  If called upon, the CAG will serve as a main component in support of an actual IR involving NFCU employees, members, information or information systems.  The CAG will report directly to IRM leadership and work closely with Security and the various BU’s to develop relevant exercise scenarios and conduct internal cybersecurity training. 


• Ensure NFCU’s cybersecurity tabletop (TTX) exercise program meets any compliance requirements. 
• Project management skills that can be applied to exercise planning.
• Conduct two enterprise wide TTXs within the calendar year to test the enterprise IR plan.
• For strategic BU partners, conduct monthly mini-TTX’s.
• Manage any vendor engagement with respect to exercises or real-world IR efforts.
• Document and maintain exercise lessons learned.
• Create exercise scenarios that addresses current risks to the organization.
• Maintain and keep current the Enterprise IR plan to include annual program review.
• Educate Enterprise IR stakeholders as to roles and responsibilities.
• Lead real-world NFCU IR efforts.
• Escalating issues to management in a timely manner with appropriate information regarding risk and impact.
• Execute ad-hoc tasks or lead small projects as needed.
• Provides exceptional customer service.
• Complete 20 hours of professionalized training annually.


• Two to three years of experience developing and facilitating major cybersecurity exercises.
• Expert-level understanding and experience in the practical application of the Incident Response Lifecycle and associated best practices.
• Demonstrated knowledge of enterprise-grade security technologies and capabilities to include Security Information and Event Management (SIEM), log management and search, incident case management, intrusion detection/prevention systems, antivirus, full packet capture, data loss prevention (DLP), firewall, web proxy, user/endpoint behavior analytics (UEBA)
• An understanding of the current threat landscape and adversary tactic, techniques and procedures (TTP's).
• Demonstrated knowledge of information security programs and operations, and data security practices and procedures, including risk identification/assessment.
• Ability to facilitate a major cybersecurity exercise in a 100% virtual environment.
• Strong problem solving and critical thinking abilities.
• Effective attention to detail.
• A strong desire for continuous process improvement and excellence.
• Excellent verbal and written communication skills to include the ability convey technical details in a clear and understandable manner to both, technical and non-technical audiences alike.
• Strong leadership qualities to include the ability to team-build, lead, mentor, and motivate others.
• The ability to foster team work and collaboration across operational teams.
• Strong planning and organizational skills.

• Five-plus years of experience developing and facilitating major cybersecurity exercises.
• Knowledge of industry Standards and Frameworks including ISO, ITIL, COBIT and NIST.
• Previous experience within the financial sector.
• Preferred Certifications - GIAC (e.g., GCIH, GCIA, GCFA, etc.), CEH, CISSP, or Security+.
• Experience with ServiceNow and Splunk Enterprise Security (ES).

Hours: Monday - Friday, 8:00am - 4:30pm

820 Follin Lane, Vienna, VA 22180
5550 Heritage Oaks Drive, Pensacola, FL 32526

Equal Employment Opportunity

Navy Federal values, celebrates, and enacts diversity in the workplace.  Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans.  EOE/AA/M/F/Veteran/Disability


Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need.
An assessment may be required to compete for this position.

Bank Secrecy Act

Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.