Associate Security Engineer - Application & Product Security
Jacksonville, FL 
Posted 17 days ago
Job Description

At VyStar, we offer competitive pay, an excellent benefit package that includes a 401(k) Plan, an extensive paid technical and on-the-job training program, and tuition reimbursement--available to all full and part time employees. Part time positions start at a minimum of 30 hours per week.

We encourage you to become a part of VyStar Credit Union's family of employees.

Associate Security Engineer - Application & Product Security

ACCOUNTABILITY STATEMENT

In support of the AVP, Application Product Security, the Application & Product Security Engineer will perform various functions, including collaborating on and assuring the building of processes for securing software applications, creating and integrating security standards through assessments and advisement, and coordinating with the AVP in consultative engagements with various business units (directly and via their technology delivery teams). Application Security focuses on partnerships with multiple product teams to drive risk reduction through a thoughtful, targeted, and collaborative model. This role will help to support the AVP in communicating security to many audiences, including business and technical leaders and individual contributors, as well as others within the Information Security Team.

ESSENTIAL FUNCTIONS:

Support Security Enablement via an Agile Method: Support multiple concurrent security integration initiatives with various business units for various development and deployment projects in offset phases within an agile framework with a dedicated staff of specialists through the requirements, design, development, and operating phases.

Support the AVP, Application and Product Security in implementing a robust Customer Identity and Access Management (CIAM) function to ensure that the security and privacy aspects of registration, authentication, self-service, personalization of experience and privacy of member data are secure and meet regulatory requirements. Specifically:

  • Support scalability of platform to meet the needs of members based on product or services enablement.
  • Implement required authentication and identity parameters (e.g., SSO, MFA, geo-location, etc.)
  • Implement attack protection for CIAM across enterprise public-facing platforms through enablement of services such as Web Application Firewall (WAF), DDoS, Bot protections ensuring robust monitoring, alerting and actionable policies are in place to protect against external threats.
  • Support program strategy for API security, mergers and acquisitions evaluations, and open-source security.

Support the AVP, Application and Product Security in the implementation of secure engineering practices such as design & code reviews, threat modeling, penetration testing, continuous integration, and security focused behavior-driven development. Specifically:

  • Threat Modeling: Support threat modeling for platforms/applications/services that deliver core services to B2B and B2C customers.
  • Secure Software Development: Implement and support security services and practices including static and dynamic scanning and code review, penetration testing, open and internal sourced component lifecycle management, SDLC policies and standards.
  • Support the design, development, and validation of secure code for systems, solutions and processes from a security perspective, on premise, hybrid and with multiple cloud providers.
  • Support secure code reviews with internal and external product teams.
  • Support application security continuous improvement plan and drive execution by driving best practices within teams with respect to security policies, procedures, standards, and guidelines in line with industry leading practices for on-prem, hybrid and cloud specific environments, application and product development.
  • Support secure development through the CI/CD pipelines, toolchains, and operations on secure code practices.
  • Perform other duties and responsibilities as assigned.

JOB QUALIFICATIONS

EDUCATION

  • High school diploma or GED required
  • Bachelor's degree in Information Security, Computer Science, Information Systems, or another related field is preferred

CERTIFICATIONS

  • Security+ and GSEC security certifications are preferred. Career development plan to include certifications upon hire.

EXPERIENCE

  • 0-2+ years Information Security experience
  • 0-2+ years Application/Product Security experience

KNOWLEDGE, SKILLS, & ABILITIES

  • Knowledge of security offerings within one or multiple major cloud platforms (Microsoft Azure, Amazon Web Services (AWS), Google Cloud Platform (GCP), etc.) preferred.
  • Knowledge of container and service-oriented security architecture for cloud-based services preferred.
  • Knowledge of a modern SDLC including CI/CD pipelines, cloud architecture, API economies, and container deployment preferred.
  • Knowledge of enterprise applications (support, and troubleshooting) preferred.
  • Knowledge of application security tools, functions, and services similar to Snyk, Veracode, Netsparker, BurpSuite, Imperva, Radware, BugCrowd, SD Elements, OPSWAT, Okta, ThreatMetrix, and Auth0 preferred.
  • Demonstrated self-starter with strong analytical skills.
  • Ability to manage multiple tasks simultaneously and meet established deadlines.
  • Ability to collaborate with business teams on technology & security-related controls, tasks, and projects.
  • Ability to work productively while remote and communicate effectively in a virtual team and an on-location hybrid work environment.
  • Ability to work within agile and waterfall project methodology.
  • Ability to stay current with new technology.
  • Ability to support appropriate Information Security and Technology standards to meet business requirements.

DISCLAIMERS AND WORK ENVIRONMENT

Nothing in this position description is an implied contract for employment. The position description is intended to be an accurate account of the essential functions. The functions are not all encompassing and are subject to change at any time by management. The work environment characteristics described are representative of those that an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. As required or requested, may exert up to 20 pounds of force occasionally and/or a negligible amount of force constantly to lift, carry, push, pull or otherwise move objects.

VyStar Credit Union is not seeking outside assistance or accepting unsolicited resumes from staffing agencies or search firms for employment or contractor opportunities. Any resumes submitted by an outside vendor to any employee at VyStar via e-mail, internet, or directly to hiring managers without a valid written search agreement with the Talent Acquisition / HR department will be deemed the sole property of VyStar Credit Union.

No placement fee will be paid if a candidate is hired as a result of the referral, or through other means.

Thank you for your inquiry regarding our current job opening. Your resume will be carefully reviewed against the position requirements. Should your experience and skills match, you will be contacted by one of our Human Resources department staff members.

Thank you again for your interest in this position!

VyStar Credit Union Human Resources

 

Job Summary

  • Start Date: As soon as possible
  • Employment Term and Type: Regular, Full or Part Time
  • Required Education: High School or Equivalent
  • Required Experience: 0 to 2 years