• Conduct manual penetration testing against web applications, mobile applications, APIs, infrastructure, and cloud environments. • Configure and operate penetration testing tools and scripts to identify vulnerabilities and validate exploitability. • Document security findings and produce clear, high-quality reports including detailed remediation guidance. • Develop proof-of-concept exploits demonstrating the real-world impact of vulnerabilities. • Participate in client calls including kickoff meetings, technical walkthroughs, and remediation discussions. • Collaborate with project managers and testers to ensure engagements are delivered on time and at a high level of quality. • Perform internal QA reviews of penetration testing deliverables when required.

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description Under limited supervision of the AVP Network Infrastructure, maintain and monitor reliability, performance, and security of the Credit Union’s computer systems and networking equipment to ensure corporate productivity. Maintains the security and availability of the systems that are used to serve the member. Evaluates new technology that can be used to provide increased efficiency, productivity or achieve compliance for the organization. - Maintain network by monitoring circuit status and network performance and installing upgrades and patches. - Resolve vulnerability assessments in a punctual manner. - Monitor network equipment logs to determine impending failures. - Authorized to contact vendor (under maintenance agreement) to replace component equipment such as hard drives, circuit boards and network appliances. - Use network management tools to identify network traffic and recommend solutions to optimize network performance. - Troubleshoot and resolve technical issues and cause. - Design/plan for expansion or enhancement of network infrastructure. - Troubleshoot network hardware or software issues. - Analyze problem, identify the cause and resolve the problem in a timely manner. - Consult with vendor technicians and/or IT leadership when necessary. - Support projects: Is a contributing member of various project teams with the possibility of multiple team projects overlapping. - Manage time and productivity to ensure projects stay within time and cost constraints. - Work effectively with project manager and stakeholders, maintaining communications. - Maintain users and security controls for local and remote network access. - Maintain log for patches, upgrades, maintenance and repairs. - Support disaster recovery and business continuity: Assist with the ongoing testing of systems and data restores to ensure optimal processes are in place in case of disaster. - Participate in routine disaster recovery and business continuity exercises. - Replace network equipment and install new network equipment as necessary. - Inventory network support contracts to ensure current licenses are in place. - Support and participate in continuous improvement activities. - Represent the Credit Union in a positive professional manner. - Maintain member and other sensitive information with confidentiality. - Other related duties as assigned. Qualifications - 3 to 5 years progressive experience in network support and analysis. - Solid knowledge of TCP/IP protocols and the OSI model, Windows server suite, exchange network and network security. - Must have working knowledge and understanding of network architecture. - Exceptional interpersonal skills, with a focus on listening and questioning skills. - Excellent verbal and written communication skills. - Excellent diagnosis and troubleshooting skills. Requirements - 2 + years’ experience in network management, 5 + years’ overall experience in IT field. - Working knowledge of SD-WAN devices (Silverpeak preferred). - Cisco switching and routing. - VPN and Firewall devices (Cisco ASA and Fortinet preferred). - Wireless access points and VPN devices (Meraki preferred). - Ability to conduct research into a wide range of computing issues as required. - Ability to absorb and retain information quickly. - Ability to present ideas in user-friendly language to non-technical staff and end-users. - Cisco CCNA, Microsoft MCSE certification. Education - BS Computer Science or equivalent combination of formal education and work experience. Benefits - Medical - Dental - Vision - Life Insurance - Flexible Spending Account - 401(k) Matching - Paid Time Off - Training Provided - Tuition Reimbursement

• Provide the AO with an independent risk assessment of assigned systems and authorization. • Advise Program Managers on AO determination utilizing OVL documentation. • Provide senior advisory support to OUSW (R&E) AO regarding authorizations of OUSW (R&E) capabilities. • Utilize expert knowledge and experience regarding risk management strategies in support of a major DoW program. • Providing support regarding the agile authorization and OVL processes. • Provide independent risk analysis and recommendation. • Collaborate between the AO and the program as well as Program leadership. • Identify the security baseline based on the mission and security impacts to the system. • Determine assessment criteria, develop, review, and create a plan to assess the security requirements. • Assess the security requirements in accordance with the assessment procedures defined in the Security. • Assessment Plan (SAP). • Prepare the Security Assessment Report (SAR). • Monitor POAM actions based on findings and reassess remediated risk(s) as appropriate. • Develop the Risk Recommendation and AO Determination Brief. • Develop a system-level continuous monitoring strategy. • Author and present briefs regarding status of authorizations to AO and other senior Government officials. • Provides security architecture and DoW compliance advisory support. • Perform other duties as assigned or required.

• Own end-to-end information security strategy across cloud, application, infrastructure, and corporate environments. • Define a pragmatic security roadmap aligned to business risk, regulatory requirements, and engineering velocity. • Serve as the executive owner for security posture, risk management, and incident response. • Act as a trusted advisor to the CTO and executive team on security, risk, and operational tradeoffs. • Drive a DevSecOps-first operating model, embedding security into CI/CD pipelines, infrastructure as code, and developer workflows. • Partner deeply with engineering leadership to make security scalable, automated, and measurable. • Lead threat modeling, secure design reviews, and risk assessments for new platform initiatives. • Champion policy-as-code, guardrails, and automation over manual process. • Own security architecture and operations for a primarily AWS-based environment. • Lead application security programs, including secure SDLC, dependency scanning, SAST/DAST, penetration testing, and vulnerability management. • Build and run effective security operations, including monitoring, investigation, incident response, and post-incident learning. • Manage vendor relationships, including CrowdStrike, Flashpoint, RAD, and Okta. • Lead end-user computing, device management, endpoint security, identity lifecycle management, and access controls.