0 suggestions are available, use up and down arrow to navigate them
What job do you want?

Analyst II, Information Security job in Tysons at PenFed Credit Union

Create Job Alert.

Get similar jobs sent to your email

List of Jobs

Apply to this job.
Think you're the perfect candidate?
Analyst II, Information Security at PenFed Credit Union

Analyst II, Information Security

PenFed Credit Union Tysons, VA Full-Time

Are you looking to take your career from good to great? As an employee of PenFed, every day is an opportunity to thrive, and be part of a team working to ensure our organization is providing world class service to our members, employees, and our communities. We exist to help our members realize their full potential, educate and encourage their dreams, and make every effort to follow our mission and help our members “do better.” Joining PenFed is more than being an employee; it’s about being a part of the PenFed family.

PenFed is hiring an Analyst II, Information Security at our Tysons, Virginia location. The primary purpose of this job is to perform complex analysis to assist in managing the risk and compliance of the controls environment used to protect PenFed data in internal and external systems used by the credit union. The Program Analyst II is a senior contributor who has recognized expertise in their field, acts as a project lead and as a subject matter expert for IT Security tools and processes.


Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. This is not intended to be an all-inclusive list of job duties and the position will perform other duties as assigned. 

Under general direction from the Director, Information Security Risk and Compliance, this position creates, implements, and manages governance, risk and compliance (GRC) components of the information security program:

  • Document and maintain Cybersecurity Risk Register
  • Conduct Cybersecurity risk assessments to evaluate information systems, programs and procedures.  
  • Understand security standards and frameworks, including the Framework, Critical Security Controls, FFIEC, NCUA ACET, IT general controls and application controls, and others.
  • Develop departmental operating standards and procedures.
  • Monitor and manage compliance of implemented enterprise Cybersecurity controls.
  • Support and facilitate audits of enterprise information systems.
  • Assist training and awareness activities.
  • Provide reporting, metrics, and testing as needed.

Essential Skills

  • Demonstrated knowledge of information systems and security technologies.
  • Knowledge and ability to run reporting programs and security applications.
  • Experience in computer and Cybersecurity assessment, administration, and management.
  • Experience in with implementing and monitoring security controls in a regulated environment.
  • Ability to contribute and manage self-contained projects for assessments, audits, and remediation.
  • Understanding of one or more security controls frameworks FFIEC, NCUA ACET, and Cybersecurity Framework (CSF).
  • Skills in presenting findings to technical and business.
  • Excellent customer service skills.
  • Strong research, analytical, and problem solving skills
  • Excellent oral and written communication skills, including technical writing.
  • Ability to function independently and as a team member.

Desired Skills

  • Experience working in a GRC application (e.g. RSA Archer, ServiceNow, LockPath, etc.)
  • Experience in conducting IT controls audits or supporting regulatory reviews of IT controls environments.

Special Requirements

  • Ability to physically operate and occasionally move computer equipment.


Education and Experience

  • Equivalent combination of education and experience is considered.
  • Bachelor’s Degree in a relevant field.
  • Minimum of five (5) years of experience in Cybersecurity or a combination of education and experience, which meet the requisite skill level.

Supervisory Responsibility

  • This position will not supervise employees.

Licenses and Certifications

  • Professional Security Certification required:  Archer Administrator - Expert
  • Professional security certifications such as CISSP, CISA, CRISC, CISM, CTPRP, or technical certifications such as those from SANS preferred.

Work Environment

While performing the duties of this job, the employee is regularly exposed to an indoor office setting with moderate noise.

*Most roles require working in an office setting with moderate noise and the ability to lift 25 pounds.*


Ability to travel to various worksites is required.

Special Message Regarding COVID 19

PenFed is continuing to hire and train exceptional individuals to help us serve our 2 million members both here and around the world.  In light of the current situation with COVID-19, we have modified our hiring, onboarding, training, and deployment protocols in order to comply with applicable current local and state guidance.

About Us

Established in 1935, PenFed today is one of the country’s strongest and most stable financial institutions with over 2 million members and over $26 billion in assets. We serve members in all 50 states and the District of Columbia, as well as in Guam, Puerto Rico and Okinawa. We are federally insured by NCUA and we are an Equal Housing Lender. We are available to members worldwide, via the web, seven days a week, twenty-four hours a day.

We provide our employees with a lucrative benefits package including robust medical, dental and vision plan options, plenty of paid time off, 401k with employer match, on-site fitness facilities at our larger locations, and more.

Equal Employment Opportunity

PenFed management will maintain and observe personnel policies which will not discriminate or permit harassment or retaliation against a person because of race, color, creed, age, sex, gender, gender identity, gender expression, religion, national origin, ancestry, marital status, military or veteran status or obligation, the presence of a physical and/or mental disability or medical condition, genetic information, sexual orientation, and all statuses protected by applicable state or local law in all recruiting, hiring, training, compensation, overtime, position classifications, work assignments, facilities, promotions, transfers, employee treatment, and in all other terms and conditions of employment. PenFed will also prohibit retaliation against individuals for raising a complaint of discrimination or harassment or participating in an investigation of same.

PenFed will also reasonably accommodate qualified individuals with a disability so that they can apply for a job or perform the essential functions of a job unless doing so causes a direct threat to these individuals or others in the workplace and the threat cannot be eliminated by reasonable accommodation or if the accommodation creates an undue hardship to PenFed. Contact human resources (HR) with any questions or requests for accommodation at



Recommended Skills

  • Administration
  • Analytical
  • Assessments
  • Auditing
  • Business Informatics
  • Certified In Risk And Information Systems Control
Apply to this job.
Think you're the perfect candidate?

Help us improve CareerBuilder by providing feedback about this job:

Job ID: 9103

CareerBuilder TIP

For your privacy and protection, when applying to a job online, never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction. Learn more.

By applying to a job using CareerBuilder you are agreeing to comply with and be subject to the CareerBuilder Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.