Overview

Are you looking to take your career from good to great? As an employee of PenFed, every day is an opportunity to thrive, and be part of a team working to ensure our organization is providing world class service to our members, employees, and our communities. We exist to help our members realize their full potential, educate and encourage their dreams, and make every effort to follow our mission and help our members “do better.” Joining PenFed is more than being an employee; it’s about being a part of the PenFed family.

PenFed is hiring a (Hybrid) Part-time Engineer I, Digital Forensics & Incident Response (DFIR) at our Tysons, Virginia; San Antonio, Texas or Omaha, Nebraska location. The primary purpose of the DFIR Engineer I position is to perform incident response processes, and improve security capabilities for the PenFed ASIC. In support of that mission, this position will provide support in configuration and management of security monitoring devices on the network. This role will be a point of contact for the ASIC with regards to all cyber security issues related to the incident response process and security devices.

Responsibilities

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. This is not intended to be an all-inclusive list of job duties and the position will perform other duties as assigned.

• Investigate, coordinate, bring to resolution, and report on security incidents as they are escalated or identified

• Forensically analyze end user systems and servers found to have possible indicators of compromise

• Complete analysis of artifacts collected during a security incident/forensic analysis

• Identify security incidents through ‘Hunting’ operations within a SIEM and other relevant tools and partner organizations/technologies

• Interface and communicate with server owners, system custodians, and IT contacts to pursue security incident response activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions

• Provide engineering and administrative functions for all tools in support of the CTI mission

• Troubleshoot security devices and work with vendor if necessary to identify issues with devices that support the SOC’s mission.

• Interact with other Security and Network teams to implement a cyber-ecosystem.

Qualifications

Equivalent combination of education and experience is considered.

• Bachelor’s Degree in information security / technology or related field, or equivalent combination of education & experience in information security in a large, highly-regulated enterprise.

• Minimum of four (4) years of work experience the Information Technology field.

• Minimum of two (2) years prior Network / Server or Security Operations Center experience.

• Knowledge of security response operations, threat identification and forensic analysis software, equipment, and processes required.

• Experience configuring and managing security systems.

• Experience configuring and managing UTM devices.

• Experience using Threat Intelligence Platforms for continuous monitoring.

• Experience using vulnerability management/scanning tools and obtaining valuable output for senior management.

• Strong Host based security experience. Ability to leverage Host based security systems to perform proper incident investigations and resolution.

• Knowledge of network and host forensics tools for incident response.

• Knowledge of the Cyber threat landscape and APT groups.

• Knowledge of the Cyber Kill Chain and ability to identify incident types and attack lifecycle.

• Knowledge of change management process and experience proposing and presenting changes to the enterprise infrastructure.

Licenses and Certifications

Must have at least one (1) certification in the field of information security from a respectable security organization. Desirable certifications include, but not limited to:SEC +, CYSA, GSEC, GCIH, GCIA, GCFE, GREM, GCFA, CEH, CISSP, CASP or equivalent Certifications

Work Environment

While performing the duties of this job, the employee is regularly exposed to an indoor office setting with moderate noise.

Most roles require working in an office setting with moderate noise and the ability to lift 25 pounds.

Travel

Limited travel to various worksites is required.

About Us

Established in 1935, PenFed today is one of the country’s strongest and most stable financial institutions with over 2.8 million members and over $36 billion in assets. We serve members in all 50 states and the District of Columbia, as well as in Guam, Puerto Rico and Okinawa. We are federally insured by NCUA and we are an Equal Housing Lender. We are available to members worldwide, via the web, seven days a week, twenty-four hours a day. We provide our employees with a lucrative benefits package including robust medical, dental and vision plan options, plenty of paid time off, 401k with employer match, on-site fitness facilities at our larger locations, and more. Equal Employment OpportunityPenFed management will maintain and observe personnel policies which will not discriminate or permit harassment or retaliation against a person because of race, color, creed, age, sex, gender, gender identity, gender expression, religion, national origin, ancestry, marital status, military or veteran status or obligation, the presence of a physical and/or mental disability or medical condition, genetic information, sexual orientation, and all statuses protected by applicable state or local law in all recruiting, hiring, training, compensation, overtime, position classifications, work assignments, facilities, promotions, transfers, employee treatment, and in all other terms and conditions of employment. PenFed will also prohibit retaliation against individuals for raising a complaint of discrimination or harassment or participating in an investigation of same. PenFed will also reasonably accommodate qualified individuals with a disability so that they can apply for a job or perform the essential functions of a job unless doing so causes a direct threat to these individuals or others in the workplace and the threat cannot be eliminated by reasonable accommodation or if the accommodation creates an undue hardship to PenFed. Contact human resources (HR) with any questions or requests for accommodation at 402-639-8568.