Cybersecurity Advisor

If you are ready to join a company that truly cares about its employees our members and our community then you have come to the right place!

Summary of Role:

The Cybersecurity Advisor role in Cyber Assurance is responsible for recommending changes maintaining and managing a suite of detective preventative and corrective controls. The Specialist will ensure that systems such as log management XDR SIEM DLP VM CSPM eDiscovery Forensics etc. are performing according to defined guidelines and goals. The Specialist will review updates configuration changes bulletins from vendors and related data to ensure that operational goals of tools are achieved including ensuring that all assets in Broadview are appropriately covered by applicable tooling and integrating onboarding appropriately into the IT Asset Management Lifecycle.

The Advisor will have deep technical knowledge of networking applications and operating systems and will leverage this knowledge to ensure that controls are effectively tuned and configured for maximum efficacy with minimal operational impact. Documentation on solutions configurations and as-built environments will be regularly updated to ensure appropriate transparency into controls for stakeholders.

The Advisor will document all solutions findings and recommendations considering the audience and the purpose of the communication while considering risk and business impact.

The Advisor will participate in Security Incident Response/ CSIRT when necessary including serving as Incident Manager Communication Coordinator or Technical Lead as required.

The Advisor will participate in daily rotation duties and on call duties as assigned by manager.

The Advisor will maintain continued awareness of trends in cybersecurity including shifts in control design and new techniques for defending the enterprise.

The Advisor will apply a risk-based approach to all solutions issues and problems faced with. The role is that of a risk advisor with security expertise.

Essential Job Functions/Responsibilities:

• Develop and maintain information security documentation including procedures and standards related to security domain areas (i.e. vulnerability management data loss protection/prevention etc.) as assigned.

• Advisors should have broad and deep security knowledge to provide back up as needed.

• Serve as an SME for multiple security controls with comprehensive understanding of the scope and depth of the controls.

• Configure and maintain controls such as log management XDR SIEM Managed Security Services DLP VM CSPM eDiscovery Forensics etc.

• Ensure that vulnerability detection covers all assets via authenticated or agent-based scans regularly following up with asset owners when agent or authentication is not possible.

• Monitor that all needed logging and event collection systems are operational and adapt systems to the changing needs of the environment.

• Detect and implement opportunities for automation to streamline management.

• Review changes in Cloud and On-premises technical controls to ensure Broadview is appropriately leveraging capabilities provided by platforms.

• Maintain technical documentation.

• Develop and maintain incident response play books CSRIT and response program for Cyber Assurance staff.

• Execute incident response procedures.

• Coordinate the enhancement and implementation of technical controls in coordination with IT and change management when necessary.

• Ensure appropriate confidentiality when dealing with sensitive issues.

• On Call support

• Participate in corporate projects Big Ideas and Proof of Concepts initiatives to ensure security requirements are identified and tested as needed to ensure proper implementation Broadviews assets and data.

• Recommend changes to controls security solutions/tools procedures and standards to ensure we maintain a best-in-class information program while always considering risk and business impact.

• Assist in the evaluation of the impact of security detections as needed.

• Other duties as assigned.

Minimum Job Qualifications:

• Bachelors degree in computer science engineering or other related field; and a minimum of eight (8) years experience in Information Security or an equivalent combination of education and experience.

• Minimum of twelve (12) years experience in information technology including AWS M365 Microsoft Operating Systems and Linux.

• Experience in developing maintaining and executing an incident response/CSIRT program as Incident Manager Technical Lead and Communication Coordinator.

• Experience in executing an incident response /CSIRT program as Incident Manager Technical Lead and Communication Coordinator.

• CISSP or equivalent is preferred. Must obtain an approved security certification within 3 years of hire.

• Knowledge of best practices for securing Cloud and On-Premises systems and components.

• Knowledge of NIST CSF 2.0 security framework.

• Excellent communication customer service and documentation skills are required.

• Ability to work independently in a proactive and self-directed manner and collaboratively as a team leader or member is required.

• Complex problem-solving and analytical skills; strong troubleshooting skills.

• Ability to multi-task prioritize and be detail oriented.

• The ability to understand risk and ensure a risk approach is followed and recommendations of any kind brought to senior management are risk based.

• Ability to document complex information in a straightforward and easy to consume manner.

Compensation:$77414 $98703 plus a competitive benefits package

Bilingual individuals who are fluent in a second language in addition to English are highly encouraged to apply.

We are an equal opportunity employer. We do not discriminate on the basis of race creed color national origin religion sex age veteran status disability genetic information gender identity or any other protected class.

Broadview FCU is committed to ensuring individuals with disabilities and/or those whohave special needs participate in the workforce and are afforded equal opportunity to apply and compete for jobs. If you would like to contact us regarding the accessibility of our Website or need assistance completing the application process please contact us at