Join a member-driven leader in a fast-paced, challenging and collaborative environment with the shared mission of supporting America’s network of rural electric cooperatives. Since its formation in 1969, National Rural Utilities Cooperative Finance Corporation, or CFC, located in Dulles, Virginia, has provided capital and industry-leading financial products to more than 900 not-for-profit, consumer-controlled utility systems across the United States. Our exceptional team delivers the “CFC Difference” that encompasses our values of service, integrity and excellence in all our interactions.
CFC has a need for an Information Security Engineer in the BID - Business Technology Services group. In this position you will mitigate information security risk by supporting the design, implementation and operations of information security solutions and services and provide support for security operations.
As an Information Security Engineer, you will:
• Asses security risk, develop mitigation plans, and support the design, implementation and operation of security tools and services.
• Responsible for security vulnerability management and remediation activities.
• Responsible for the administration of assigned security systems.
• Responsible for security event analysis and correlation
• Provide security consulting services as a trusted adviser to management, BTS business partners and Members.
• Participate in writing and maintaining security policies, training materials, practices and procedures
• Participate in security audit and compliance activities.
• Support security engineering projects and solution delivery.
• Maintain and reports on security metrics.
To be successful, you will need:
• Bachelor’s degree in Engineering, Computer Science, IT field or equivalent in experience, Master’s degree is a plus.
• 4 years of information security experience.
• CISSP, CISM, CISA, CEH or other industry certification preferred.
• Experience on project teams, process improvement and knowledge sharing is preferred.
• Proven in-depth knowledge of Information Security principles, technologies and processes.
• Excellent verbal, written and interpersonal communication skills.
• • Advanced knowledge of best practices in the information security field and information security threat landscape and environment.
• Advanced knowledge, and ability to use, information security technologies.
• Advanced knowledge of Qualys, Okta, Palo Alto Firewalls, FireEye, CarbonBlack, Splunk, Symantec Endpoint Protection, O365 ATP Security, Email Security (DKIM, SPF, DMARC), FirePower SourceFire, CyberArk, Varonis, Imperva, Window Defender, DLP, SSL Decryption, NIST CSF, CIS Controls, Puppet, Shell Scripting, Pentesting, Powershell, PKI Certificate Management
We offer a comprehensive benefits package that includes short-term and long-term incentive opportunities; an employer-paid pension plan; 401(k); medical, dental and vision insurance; a generous leave policy; onsite gym; and more—all in a friendly, professional work environment. For additional information, please visit our website at [ Link removed ] - Click here to apply to Information Security Engineer.
CFC is an Equal Opportunity Employer committed to workforce diversity.
Certified Information Systems Security Professional
Certified Information Security Manager
Certified Ethical Hacker