Information Technology Security Analyst- Hybrid

Information Technology Security Analyst – Hybrid Full Time Gardena, CA, US Salary: $88,992 to $125,000 annually. If you are unable to complete this application due to a disability, contact us to request an accommodation or an alternative application process. What You’ll Do Support and enhance the organization’s Information Security Governance Program. Develop, maintain, and review security policies, standards, and procedures. Ensure alignment with industry frameworks including NIST CSF, NIST 800‑53, CIS Controls, and ISO 27001. Assist with regulatory compliance efforts related to NCUA, FFIEC, GLBA, and related standards. Prepare and present cybersecurity reports, metrics, and risk updates to leadership and board committees. Conduct security risk assessments across infrastructure, applications, cloud platforms, and third‑party vendors. Review SOC reports, penetration test results, certifications, and vendor security documentation. Lead Business Impact Assessments and support Business Continuity and Disaster Recovery initiatives. Support enterprise risk management and vendor risk management activities. Manage the full vulnerability lifecycle: identification, prioritization, remediation, and reporting. Monitor daily security alerts and incidents across SIEM, endpoint protection, DLP, email security, and web filtering platforms. Investigate incidents, perform root‑cause analysis, and coordinate remediation efforts. Monitor for phishing sites, malicious domains, and emerging cyber threats. Support internal and external audits, penetration tests, and ITGC reviews. Audit system configurations against CIS benchmarks and security standards. Track remediation activities and perform control testing. Contribute to cyber maturity assessments and continuous improvement initiatives such as ACET and CAT. Partner with internal teams, MSSPs, auditors, and business units to strengthen security practices. Deliver cybersecurity awareness guidance on phishing, social engineering, and data protection. Stay current on emerging threats, technologies, and regulatory developments. What You Bring Required Qualifications Bachelor’s degree in Cybersecurity, Information Security, Computer Science, Information Technology, or related field (or equivalent experience). 5+ years of experience in cybersecurity, information security, GRC, or technology risk. Experience working in financial services or other regulated environments preferred. Technical Knowledge & Skills Strong understanding of: NIST CSF NIST 800‑53 CIS Controls ISO 27001 Experience implementing and auditing CIS Critical Controls and security benchmarks. Familiarity with NCUA, FFIEC, and GLBA requirements. Experience with: Vulnerability management Penetration testing remediation Third‑party/vendor risk assessments SOC report reviews SIEM and security monitoring tools Endpoint protection and DLP technologies Professional Skills Excellent analytical and problem‑solving abilities. Strong written and verbal communication skills. Ability to translate technical concepts for non‑technical audiences. Experience presenting security metrics and risk updates to senior leadership and boards. Strong organizational skills with the ability to manage multiple priorities effectively. Commitment to continuous improvement and operational excellence. Why Join Us? Influence and strengthen enterprise cybersecurity strategy. Work with leadership on meaningful security initiatives. Contribute to regulatory readiness and organizational resilience. Grow expertise in governance, risk, compliance, and security operations. Be part of a collaborative team focused on continuous improvement and innovation. Physical Requirements This position may require standing, walking, sitting, reaching, climbing, kneeling, crouching, and lifting up to 50 pounds occasionally. Specific vision abilities required include close vision, distance vision, color vision, peripheral vision, depth perception, and focus adjustment. Benefits NGFCU offers competitive compensation and a rich benefits package including medical, dental, vision, disability, and life insurance, and a 401(k) profit‑sharing plan with employer matching. Background Check We perform thorough background checks including verification of previous employment, education, credit checks, and pre‑employment drug screening. Any discrepancies in reported dates, titles, or degree information may result in an employment offer being withdrawn. Equal Opportunity NGFCU is an Equal Opportunity Employer. Pursuant to the Los Angeles Fair Chance Ordinance, we will consider for employment‑qualified applicants with arrest and conviction records. Working Hours Monday through Friday 9:00 am to 6:00 pm. #J-18808-Ljbffr