Michigan IT Jobs

Mobile michigan-jobbank Logo

Job Information

United Federal Credit Union Senior Security Engineer in Niles, Michigan

Senior Security Engineer

Job Details



Job Location

Niles Corporate Building - Niles, MI

Position Type

Full Time

Education Level

Bachelors Degree

Travel Percentage



GENERAL SUMMARY(What is done and why)

The Senior Security Engineer will join a dynamic team of security professionals to identify and mitigate risk across the Credit Union environment, thus allowing for the enablement of business technologies. The Senior Security Engineer’s works collaboratively with other teams to identify risks with security impact to the company, communicate that impact to teams and management, and engineer solutions.

Primary duties include defining system security requirements, development of secure products and software tools used for design, and development and maintenance of infrastructure and platforms.Provides information assurance support for the development and implementation of security architectures to meet new and evolving security requirements. Other duties may also include, but are not limited to, managing and enforcing security policies, training and educating end-users on proper security practices, conducting security and risk assessments, mitigating risk via security controls, testing and evaluation to certify and accredit commercial security products, ensuring privacy of data throughout its lifecycle, vulnerability management (scanning, assessment, reporting, and mitigation verification), and business continuity and disaster recovery.


ESSENTIAL FUNCTIONS, IN PRIORITY ORDER(Majority of duties, but not meant to be all inclusive or prevent other duties from being assigned as necessary)

  • Participate in architectural reviews and break down the vision to technologies and services needed for protecting customer data and enabling internal and external users to do their work more accurately and efficiently. 25%

  • Evaluate any proposed technology solution for adherence to documented company standards, policies, and regulatory responsibilities, as well as, engineer and build enterprise solutions in support of the security program. 20%

  • Implement and continually improve the IT and security frameworks in order to integrate security into the long-term strategic vision of the credit union in support of overall business strategy and vision, including budgeting for short term and long-term security initiatives. Time: 15%

  • Serve as lead on business related and cross-functional projects managing time, cost, human and technical resources, and scope while ensuring that security policies, standards and procedures are implemented effectively within projects. Time:15%

  • Support developers and development teams with training and awareness around the secure development lifecycle. 10%

  • Serve in a supervisory capacity by participating in strategic and tactical planning, budget input, structured and unstructured training, as well as direction and guidance of staff. Time: 10%

  • Evaluate audit findings and collaboratively work with Risk & Compliance and Information Technology teams to arrive at balanced solutions where findings indicate recommended remediation steps. Time: 5%


EDUCATION(Minimum education required to perform the duties of this position)

  • Bachelor's degree in Computer Science or related field or two years of related work experience required.


EXPERIENCE(Minimum experience required to perform the duties of this position)

In additionto the education requirement:

  • Seven or more years direct experience in information security including security design, implementation, and consulting required.

  • 10 or more years hands on experience installing, configuring and troubleshooting server, networking, and application environments required.

  • Two advanced security certifications such as CISSP, CISM, GIAC, CASP, etc. required.

  • Additionally, one advanced IT certification (MCSA, MCSE, CCNA, CCNP, etc.) is required.

  • Industry recognized project management certification preferred (CompTIA Project+, CAPM,  PMP)


KNOWLEDGE, SKILLS AND ABILITIES(Minimum technical and communication skill levels and licenses/certificates normally required to perform the duties of this position)

  • Must be familiar with and have recent experience with security specific products such as SIEM, IDS/IPS, data loss prevention, application white listing, anti-virus, firewalls, MDM, proxies, etc.

  • Must have recent experience with various firewall products including CheckPoint, Juniper, Cisco, SonicWall, PaloAlto, etc.

  • Must demonstrate experience and proficiency with vulnerability scanning and assessment tools and methodologies.

  • Must be familiar with risk assessment methodologies and practices.

  • Understand regulatory compliance in the areas of Gramm-Leach-Bliley Act and PCI DSS.

  • Experience with project and time management methodologies.

  • Experience with and ability to present various technical and non-technical concepts to all levels of management within the organization.

  • Experience with Microsoft server products, Active Directory configuration as well as Cisco networking.


Required Competencies

  • Problem Solving

  • Dealing with Ambiguity

  • Time Management

  • Demonstrates Courage

  • Drive for Results

  • Interpersonal Savvy

  • Customer Focus

  • Integrity and Trust

  • Self-Development

  • Business Acumen


Mental Requirements

  • Analysis and interpretation of systems (hardware and software) used within the organization in order to implement system performance, security and efficiency standards.

  • Strong conceptual, practical application, and problem-solving skills and techniques.

  • Ability to identify needs and analyze appropriate options.

  • Ability to use good judgment and make sound decisions quickly.

  • Ability to work under pressure.

  • Ability to understand strategic objectives so that technology initiatives  support  and  help drive the actions.

  • Ability to grasp the concepts of various technologies.


Tools and Equipment Used

  • Firewalls

  • Intrusion detection and prevention systems

  • Networking equipment (routers, switches, etc.)

  • Communication technologies (web, email, IM, etc.)

  • File, print and application server systems

  • Network management and monitoring tools

  • Personal Computers (desktop and laptops)

  • Workstation and networked peripherals

  • Scripting and policy configuration tools

  • Diagnostic and benchmarking utilities

  • Carry and respond to pager and/or cellular phone as determined by supervisor


WORKING RELATIONSHIPS/CONTACTS(Positions with which incumbent has frequent contact)

  • Daily, personal/written/phone contact with management.

  • Daily, personal/written/phone contact with Credit Union staff.

  • As necessary, personal/written/phone contact with strategic partners, vendors, auditors, and examiners.


PHYSICAL DEMANDS(Physical effort generally associated with this position)

Work involves standing and walking for brief periods  of  time,  but  most  work  is  done  from  a seated position. There is potential for eyestrain from prolonged work at the computer. Individual must be able to travel to complete  applicable  assignments,  projects  and  training.  Deadlines,  workloads and pressure to achieve goals  may cause  increased  stress  levels.  Occasionally may be  required to  lift 50-100 pounds. Individual must be capable of maneuvering under and around office furniture.


WORKING CONDITIONS(Typical working conditions associated with this type of work and environmental hazards, if any, that may be encountered in performing the duties of this position)

Internal- Work is  normally  performed  in  climate  controlled  office  environment,  where  exposure to conditions of extreme heat/cold, poor ventilation, fumes and gases is very limited. Noise level is moderate and includes sounds of normal office equipment (computers, telephones, etc). No known environmental hazards are encountered in normal performance of duties. Length of day is unpredictable; long hours may be required to accommodate deadlines, special meetings, and manage incidents.


External- Some travel is required; however, information on environmental conditions is not available.