Information Security Threat Engineer

Patelco Credit Union is a not-for-profit credit union with a purpose to build financial health and wellbeing for our members. Since 1936, Patelco has grown from $500 in assets to over $9 billion in assets and is the 7th largest credit union in California with branches throughout Northern California.

We are here for our members throughout all their stages of life. Meeting them with the products and services to help them plan purposefully for their futures and to secure our life-long partnership as their trusted financial advocate. As one team, we are all committed to delivering service, empowering financial literacy, creating products, and providing new technology for our members.

We believe that work should be rewarding, challenging, and enjoyable. We're dedicated to creating a positive and supportive culture where our team members can thrive. If you're looking to use your skills and knowledge to make a difference in our members' lives, Patelco could be the perfect fit for you.

The Information Security Threat Engineer will collaborate with cross-functional teams to create innovative detection strategies and help develop a best-in-class Cybersecurity Monitoring program. The candidate will build tailored security detections to enhance Patelco's Information Security Program by leveraging Security Information and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), Endpoint Detection, and Response (EDR), and Network Detection and Response (NDR) services. The IS Threat Engineer should have an adversarial mindset, purple team technical depth, and entrepreneurial spirit.

• Respond to network and host based advanced security events
• Lead network and host-based security investigations
• Analyze common application protocols to detect anomalous/reconstruct malicious activity
• Analyze various Operating System logs to detect anomalous/reconstruct malicious activity
• Investigate, correlate, and assess the impact of hits on indicators of compromise (IOCs)
• Develop innovative ways to detect threats and anomalous behavior leveraging host, network, and data logs
• Ability to participate in detecting, investigating, and resolving security events
• Capable of working independently
• Lead detecting, investigating, and resolving security events
• Conduct detailed security event analysis from network traffic attributes and host-based attributes (memory analysis, binary analysis, etc.) to identify information security incidents
• Identify and propose areas for improvement within the Threat Detection & Response Center
• Make predictions about cyber criminals and their future activities based on what is already known about them
• Verify discovered vulnerabilities; correlate and collate the information; and create intelligence reports that communicate the results of the analyses to people * who need to know them (e.g., C-Suite, executives, government decision-makers, security officials)
• Perform other duties as assigned

• BS in Computer Science, Information Security, or a related field is highly desirable
• 5+ years of experience in information security, especially in a security engineering role
• Certified Information Systems Security Professional (CISSP) or equivalent required
• Extensive experience working with SIEM, Log Aggregators, Incident Response Management solutions
• Strong technical knowledge of Networking, Operating Systems and enterprise integrations
• Experience managing standards, developing Security Operations Process, reporting and dashboards
• Excellent communication, collaboration, relationship management and leadership
• Self-directed and able to perform tasks without supervision
• Information Security Principles, Technologies, and Practices
• Proven experience with multiple security event detection platforms
• Thorough understanding of TCP/IP
• Understand IDS / IPS rules to identify and/or prevent malicious activity
• Demonstrated integrity in a professional environment
• Good social, communication and technical writing skills
• Thorough understanding of application protocols
• Ability to code in one or more major programming or scripting language
• Ability to multi-task and prioritize work effectively,
• Highly motivated Self-Starter, attention to detail, strong sense of ownership and driven to manage tasks to completion
• Ability to identify emerging and persistent threats to the organization's networks, systems, and applications
• Ability to independently research and comprehensively analyze actionable cyber threat observables pertinent to the organization.
• Ability to identify potential security exposures that may currently exist or may pose a potential future threat to applications
• Ability to identify, monitor, assess, and counter the threat posed by cyber actors
• Ability to perform advanced threat hunt operations using known adversary tactics, techniques, and procedures as well as indicators of attack in order to detect adversaries with persistent access to the enterprise
• Ability to assess cyber threat actor intent and future activities
• Ability to develop reports using data hosted in multiple sources (e.g. spreadsheets, databases) and communicate clearly to management and other team members
• Ability to collect information about Internet-based malware-related criminal activities and the people behind them
• Malware RE and rule development as well as understanding of sandbox and static (malware) analysis output

$113,281 - $141,603 / per year

Please note that the salary information is a general guideline only. Patelco Credit Union considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as market and business considerations when extending an offer. We offer a competitive total rewards package including a wide range of medical, dental, vision, financial, and other benefits.

Physical Health:

• Exceptional Medical, Dental, Vision, and Life Insurance benefits
• Onsite fitness center at HQ and rewards for completing wellness related activities

Financial Health:

• Competitive compensation packages with bonus opportunity
• 401(k) with 3% Safe Harbor and 5% employer match
• Discounts on loan products
• Tuition reimbursement

Emotional Health:

• Employee Assistance Program (EAP)
• PTO for part-time and full-time positions
• Paid holidays

Personal Development:

• On-the-job training and skills development
• Internal transfer opportunities for career growth
• Volunteer work

Flexible work arrangements available for specific positions

Patelco Credit Union is an Equal Opportunity Employer including individuals with disabilities and protected veterans

IND123