Job Description
Senior Information Security Engineer Orange County's Federal Credit Union - 3.7 Santa Ana, CA Job Details Full-time $108,895 - $136,000 a year 1 day ago Benefits Paid holidays Health insurance Dental insurance 401(k) matching Life insurance Referral program Qualifications Containerization systems DevSecOps Practices Azure Threat Modeling (Architecture security) Security architecture risk management Information security compliance Virtualization tools AWS Cloud security best practices implementation Bachelor's degree Continuous integration Regulatory Frameworks (Architecture security) Server virtualization APIs Vulnerability management Cloud Architecture Design (Architecture design skills) DevOps automation Web Application Security Testing Cross-functional communication Full Job Description Senior Information Security Engineer Opportunity at Orange County's Federal Credit Union Are you a security leader ready to drive strategy, architect modern defenses, and elevate an enterprise‑wide security program? Join Orange County's Federal Credit Union as our Senior Information Security Engineer —a key, high‑impact role responsible for strengthening the confidentiality, integrity, and availability of our critical systems across on‑prem and cloud environments. Why Join Us? Be part of a mission‑driven organization where your expertise directly shapes security strategy and protects our members. You'll lead meaningful initiatives, collaborate with talented teams, and help advance a modern, resilient security program. At Orange County's Federal Credit Union , we don't just offer banking services, we create meaningful relationships that empower our members and enrich our community. With over 85 years of trust, $3 billion in assets, and 145,000+ members, we've built a reputation for excellence—and we're just getting started. Our commitment to people, performance, and purpose has earned us the #1 spot in the Orange County Register's 2024 Best Credit Union list, and the voices of our employees have earned us the Peter Barron Stark Award for Workplace Satisfaction. When you join us, you're not just taking the next step in your career; you're joining a team that loves where they work.
Perks & Benefits:
Health Coverage:
Comprehensive benefits, including Anthem, Delta Dental, and VSP, effective from your first day. Financial Security:
Life insurance at no cost and a 401(k) plan with an employer match up to 6%. Work-Life Balance:
13 days of vacation and seven (7) sick days annually and paid holidays. Recognition & Growth:
Annual merit increases, discretionary and referral bonuses, as well as educational grants up to $1,000 per year. What You'll Do As a Senior Information Security Engineer , you will: Lead complex risk, vulnerability, and purple‑team assessments to identify, validate, and remediate threats. Architect secure network, application, data, and cloud environments—covering AWS, Azure, DevSecOps pipelines, and enterprise platforms. Drive implementation of security tooling, automation frameworks, EDR/XDR, SIEM, SOAR, and secure configuration baselines. Partner with Engineering, Infrastructure, and external vendors to design and validate secure solutions. Serve on the Cybersecurity Incident Response Team, leading investigations and post‑incident improvements. Create and maintain security policies, training, and best practices, mentoring teams on zero‑trust and security‑by‑design principles. Designs, develops, and documents: (1) network security architecture and baseline configuration standards for firewalls, routers, switches, load balancers, and related network appliances; (2) device security architecture and baseline configuration standards for servers, workstations and mobile devices; (3) application and data security architecture and baseline configuration standards for databases and enterprise applications; and (4) cloud platform security architecture and baseline configuration standards for AWS and Microsoft Azure services. Provide expert guidance in areas such as vendor risk, cloud security, secure coding, and application security. Conducts and leads purple team risk and vulnerability assessments against systems and processes to ensure appropriate controls are in place, and recommends and implements controls to remediate risk findings. What You Bring Bachelor's Degree in Computer Science, Information Security, Information Assurance, or related technology field. 7+ years of hands‑on experience in enterprise information / cyber security and IT risk management. 3+ years of deep expertise in AWS and Azure security, cloud‑native tools, and modern security architectures. Strong background in threat modeling, network security, vulnerability management, automation, and secure engineering practices. Experience with industry frameworks such as NIST, CIS, PCI DSS, FFIEC.
Proven experience with regulations, policies, standards and framework pertaining to information and cyber security including PCI DSS standards, FFIEC guidelines on cybersecurity, CIS / NIST framework. Proven experience with secure coding standards and best practices; SAST/DAST/IAST
tooling; API security; and integration of security controls into CI/CD pipelines (DevSecOps). Proven experience with virtualization and container technologies, such as VMware, Citrix Xen, Docker, or Kubernetes. At least one relevant certification (CISSP, GIAC, Security+, AWS Security - Specialty, Azure Security Engineer, etc.). Ability to influence, partner cross‑functionally, and operate under urgency with sound judgment. The targeted annual salary range is $108,895 to $136,000. Final offer will be determined based on experience, education, training/certifications and specialized skills. Orange County's Federal Credit Union is an Equal Opportunity Employer. Pre-employment screenings, including background and credit checks, are required.
