Direct Federal Credit Union

Cybersecurity Engineer

Direct Federal Credit Union, $80K — $110K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in a related field (Information Systems, IT, etc.)
  • 3-5 years of experience in info security, SOC, or incident response
  • Strong problem solving and analytical skills
  • Effective verbal and written communication abilities
  • Hands-on experience with incident response practices
  • Familiarity with regulatory security standards in financial services
  • Knowledge of security monitoring and detection tools

Responsibilities

  • Monitor security tooling to identify and triage alerts
  • Investigate suspicious activities by analyzing logs and telemetry
  • Execute incident response actions in partnership with IT teams
  • Collect and preserve incident evidence for forensic purposes
  • Develop and enhance incident response playbooks and procedures
  • Tune detections and reduce false positives with tool owners
  • Coordinate with internal teams and external partners during incidents

Benefits

  • Comprehensive healthcare plans
  • Retirement savings options
  • Opportunities for professional development
  • Flexible work arrangements
  • Access to cutting-edge security technologies

Full Job Description

Role Accountability

In this role, you will support the Credit Union's cybersecurity operations with a primary focus on incident response by monitoring for threats, triaging alerts, investigating suspicious activity, coordinating containment and remediation, and partnering with internal teams and our managed detection and response (MDR) provider to reduce risk and improve resilience.

Specific Accountabilities

  • Monitor security tooling (e.g., SIEM, EDR, email/web security, firewall/VPN logs) and triage alerts to determine scope, severity, and required response actions.
  • Investigate suspicious activity by analyzing logs and telemetry, correlating events across systems, and documenting findings in tickets and incident records.
  • Execute incident response actions (containment, eradication, and recovery) in partnership with IT and application teams, including isolating hosts, blocking indicators, and supporting remediation.
  • Collect and preserve incident evidence (logs, timelines, indicators) and support forensic activities as needed while maintaining chain-of-custody expectations.
  • Develop, maintain, and improve incident response playbooks and procedures; participate in tabletop exercises and post-incident reviews to drive corrective actions.
  • Tune detections and reduce false positives by partnering with tool owners; recommend improvements to alert logic, correlation rules, and response automation.
  • Support vulnerability response by validating exposure, tracking remediation, and coordinating patching or mitigating controls for critical findings.
  • Coordinate with internal teams and external partners (including our managed detection and response (MDR) provider, technology vendors, and law enforcement as directed) during investigations and response activities.
  • Implement and validate security changes that support incident response outcomes (e.g., blocks, access adjustments, segmentation changes) and follow through on hardening items identified during investigations.
  • Participate in an incident response on-call rotation (as required), provide timely escalation and status updates to stakeholders, and support incident communications aligned to severity and business impact.
  • Leverage frameworks such as MITRE ATT&CK and perform light threat hunting (hypothesis-driven investigations) to proactively identify malicious activity and validate control effectiveness.
  • Stay current on the threat landscape, attacker techniques, and incident response best practices; recommend process and control improvements based on lessons learned.


Requirements

Knowledge, Skills and Abilities

  • Strong problem solving and analytical skills; must possess the ability to make quick decisions and use good judgment during incident response.
  • Strong verbal and written communication skills; can clearly and confidently communicate information security concepts to all areas of the business.
  • Highly adaptable to a constantly changing business and technology environment.
  • Familiarity with regulatory and legal security standards and requirements relevant to financial services/credit unions such as GLBA, NCUA, FFIEC guidance, PCI DSS, and Sarbanes-Oxley (as applicable).
  • Hands-on knowledge of incident response practices (triage, investigation, containment/eradication, recovery) and the ability to follow and improve playbooks and procedures.
  • Ability to analyze security telemetry (Windows/Linux logs, firewall/VPN logs, DNS, proxy, authentication logs) to identify indicators of compromise and suspicious behavior.
  • Experience with security monitoring and detection tools (e.g., SIEM queries/dashboards, endpoint detection and response) and familiarity with alert tuning and correlation concepts.
  • Knowledge of Identity and Access Management concepts (MFA, privileged access management) and common investigation points for authentication-related incidents.
  • Familiarity with data protection controls (e.g., DLP) and how to investigate and respond to potential data exposure events.
  • Knowledge of risk management processes (e.g., methods for assessing and mitigating risk) and how incidents impact business risk.
  • Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.
  • Knowledge of cyber threats and vulnerabilities.
  • Knowledge of specific operational impacts of cybersecurity lapses.
  • Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • Knowledge of network traffic analysis concepts (tools, methodologies, processes), including basic packet capture/analysis and web filtering technologies.
  • Knowledge of what constitutes a network attack and the relationship to both threats and vulnerabilities.
  • Working knowledge of networking fundamentals used in investigations (TCP/IP, DNS, HTTP/S, routing, VPN concepts) and common attacker techniques in enterprise environments.

Education and Experience

  • Bachelor's degree in Information Systems, Information Technology, Management Information Systems, Computer Science, Computer Engineering, or related field.
  • 3-5 years of experience in information security, SOC operations, or incident response, including hands-on investigation and response to security events.
  • Professional certifications preferred: Security+, CySA+, GCIH/GCIA (or similar), or CISSP/CCSP (a plus).

About Direct Federal Credit Union

Direct Federal Credit Union is a federally chartered credit union based in Needham, Massachusetts. It was founded in 1953 and has grown to serve over 25,000 members. The credit union offers a range of financial products and services, including checking and savings accounts, loans, mortgages, and credit cards. Direct Federal Credit Union is committed to providing its members with personalized service and competitive rates. The credit union is also actively involved in the local community, supporting a variety of charitable organizations and initiatives.
Size
120 employees