Senior information security engineer

Join the People Helping People

Velera is the nation’s premier payments credit union service organization (CUSO) and an integrated fintech solutions provider. The company serves more than 4,000 financial institutions throughout North America, operating with velocity to help our clients keep pace with the rapid momentum of change and fuel growth in the new era of financial services. Our purpose: We accelerate partners’ success through innovative financial technology solutions and inspired service.

DUTIES:

Provide advanced analysis, troubleshooting, and resolution of complex technical problems that impact the Information Security structure at data, application, service, operating system, and network levels. Secure company systems and applications, monitor and analyze threats, identify potential IT security incidents, identify potential weaknesses, assess risk, conduct enterprise vulnerability analysis and assessments, and develop and outline mitigation and remediation strategies. Use systems and network knowledge to integrate appropriate security functions into the operational environment. Coordinate the deployment of security technologies and processes using structured project management methodologies. Resolve customer escalations involving phishing, malware, and anomalous network or server behavior. Use technical and customer services skills to identify security problems, policy violations, and high-risk threats. Use independent judgment to resolve issues in a timely manner before escalation is needed. Maintain knowledge of the IT security industry including the awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors. Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security on-premise and in the cloud. Maintain, modify, and enhance automated Information Security functional system tests and evaluations, risk assessments, software and hardware evaluations, access control, and other related systems. Execute risk assessments and risk management planning related to the information security features of on-premise and clouds based systems, networks, and related administrative activities. Provide leadership in the coordination and maintenance of disaster recovery, contingency planning, and testing that will mitigate against system and information losses and assure a successful recovery of the systems and information. Provide leadership in the identification and analysis of information security business practice irregularities and information security inactions and violations. Conduct detailed inquires, assess potential damage, monitor corrective action, and recommend cost-effective preventative measures to preclude recurrences. Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing solutions in accordance with standard best operating procedures and the enterprise’s security documents. Maintain and administer on-premise and cloud-based security tools that protect corporate data and network environments. Monitor security architecture for capacity and forecast for future system growth and capability. Provide technical security leadership when investigating security incidents. Provide 3rd level support for security questions and issues while supporting other security engineers. Architect and design security solutions with minimal oversight. Monitor, configure, and upgrade the necessary controls and procedures to cost-effectively protect information systems assets from intentional or inadvertent modification, disclosure, or destruction. Monitor systems and security tools for security alerts and escalate as needed. Perform other duties as assigned.

REQUIREMENTS:

Bachelor’s degree in Computer Science, Information Technology, or a related technical field required. At least one of the following Information Security certifications required: CISSP, CISA, CISM, CEH, CCSP, or Security+. Five years of experience required working in an IT security role, including any experience with: administrating and implementing security tools; maintaining endpoint security for Windows and Linux systems; securing complex multilayer networks; performing IT monitoring; cyber threat identification and response; vulnerability analysis and mitigation; and providing front line (SOC) Security Operations Center detection and response services. Two years of cloud security experience required managing and maintaining SaaS security tools and AWS cloud security (i.e., Macie, CloudWatch, GuardDuty, WAF, SecurityHub) and performing AWS log reviews, updates, patches, and documentation. Any experience required with: compliance-related issues to PCI DSS and PII data security; security frameworks (i.e., MITRE, NIST, CSF); deploying and maintaining cloud proxies, Cloud Access Security Broker (CASB), Data Loss Prevention (DLP), and Cloud Security Posture Management technologies (CSPM); platform/application-specific technology (i.e., intrusion detection, firewalls, host-hardening, vulnerability management, encryption, patch management, shell/web scripting); ISO 27001, ITIL, and other controls applicable to network security monitoring/analysis, event escalation, cyber threat analysis, and vulnerability analysis; and with authentication technologies and processes (i.e., VPN, SSL, SSH, PKI). May work remotely from any Velera-approved U.S. location.

About Velera

At Velera we are committed to fostering a workplace where every employee feels valued, respected, and connected. We understand, attract and engage a diverse workforce where every employee can live up to their full potential; ensuring that our employee base reflects the consumers we serve. The result of this effort is an inclusive environment where diverse talent thrives. We strive to foster a safe and inclusive work environment for people to bring their authentic selves in order to build a better community within our company and with our partners. Learn more about our commitment to Diversity, Equity, and Inclusion HERE !

Pay Equity

to

Actual Pay will be adjusted based on experience and other job-related factors permitted by law.

Great Work/Life Benefits!

• Competitive wages

• Medical with telemedicine

• Dental and Vision

• Basic and Optional Life Insurance

• Paid Time Off (PTO)

• Maternity, Parental, Family Care

• Community Volunteer Time Off

• 12 Paid Holidays

• Company Paid Disability Insurance

• 401k (with employer match)

• Health Savings Accounts (HSA) with company provided contributions

• Flexible Spending Accounts (FSA)

• Supplemental Insurance

• Mental Health and Well-being: Employee Assistance Program (EAP)

• Tuition Reimbursement

• Wellness program

• Benefits are subject to generally applicable eligibility, waiting period, contribution, and other requirements and conditions

Velera is an Equal Opportunity Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state or local law.

Velera is an Equal Opportunity Employer that complies with the laws and regulations set forth in the following "EEO is the Law" Poster . Velera will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the legal duty to furnish information.

Velera is an E-Verify Employer. Review the E-Verify Poster here . For information regarding your Right To Work, please click here .

As an ongoing commitment to reasonably accommodate individuals with disabilities please contact a recruiter at [email protected] for assistance.