Job Description
Information Technology Security Analyst- Hybrid Northrop Grumman Federal Credi - 2.8 Gardena, CA Job Details Full-time $88,992 - $125,000 a year 4 hours ago Benefits Profit sharing Disability insurance Health insurance Dental insurance 401(k) Vision insurance 401(k) matching Life insurance Qualifications Incident investigation techniques for hazard identification Computer science Intrusion detection analysis Risk management compliance audits Internal controls Defect resolution root cause analysis Bachelor's degree in information technology Computer Science
NIST SP 800-53
Information security audit implementation Technical documentation ISO standards 5 years Security risk assessment investigation Reporting (security system operation) IT system monitoring IT security awareness training implementation Metrics Reporting Mid-level Security system vulnerability testing Cloud security Presentation skills Information Security Bachelor's degree Continuous improvement Data Security (Data management) Security Event Management (security operations) Log analysis tools Compliance documentation Industry knowledge of financial regulations Full Job Description Are you passionate about cybersecurity, risk management, and building stronger security programs in highly regulated environments? We're looking for an experienced Information Technology Security Analyst to help strengthen and evolve our Information Security Governance Program while protecting critical systems, sensitive data, and organizational operations. In this role, you'll work at the center of cybersecurity governance, compliance, risk management, and security operations—partnering with IT teams, leadership, auditors, and external security partners to continuously improve our security posture and cyber maturity. If you thrive in a collaborative environment, enjoy solving complex security challenges, and want to make a meaningful impact, we'd love to hear from you. What You'll Do As our Information Technology Security Analyst, you will: Security Governance & Compliance Support and enhance the organization's Information Security Governance Program Develop, maintain, and review security policies, standards, and procedures Ensure alignment with industry frameworks including NIST CSF, NIST 800-53, CIS
Controls, and ISO 27001
Assist with regulatory compliance efforts related to NCUA, FFIEC, GLBA, and related standards Prepare and present cybersecurity reports, metrics, and risk updates to leadership and board committees Risk Management & Assessments Conduct security risk assessments across infrastructure, applications, cloud platforms, and third-party vendors Review SOC reports, penetration test results, certifications, and vendor security documentation Lead Business Impact Assessments and support Business Continuity and Disaster Recovery initiatives Support enterprise risk management and vendor risk management activities Vulnerability & Security Operations Manage the full vulnerability lifecycle: identification, prioritization, remediation, and reporting Monitor daily security alerts and incidents across SIEM, endpoint protection, DLP, email security, and web filtering platforms Investigate incidents, perform root cause analysis, and coordinate remediation efforts Monitor for phishing sites, malicious domains, and emerging cyber threats Audits, Controls & Continuous Improvement Support internal and external audits, penetration tests, and ITGC reviews Audit system configurations against CIS benchmarks and security standards Track remediation activities and perform control testing Contribute to cyber maturity assessments and continuous improvement initiatives such as ACET and CAT Collaboration & Awareness Partner with internal teams, MSSPs, auditors, and business units to strengthen security practices Deliver cybersecurity awareness guidance on phishing, social engineering, and data protection Stay current on emerging threats, technologies, and regulatory developments What You Bring Required Qualifications Bachelor's degree in Cybersecurity, Information Security, Computer Science, Information Technology, or related field (or equivalent experience) 5+ years of experience in cybersecurity, information security, GRC, or technology risk Experience working in financial services or other regulated environments preferred Technical Knowledge & Skills Strong understanding of: NIST CSF NIST 800-53 CIS
Controls ISO 27001
Experience implementing and auditing CIS Critical Controls and security benchmarks Familiarity with NCUA, FFIEC, and GLBA requirements Experience with: Vulnerability management Penetration testing remediation Third-party/vendor risk assessments SOC report reviews SIEM and security monitoring tools Endpoint protection and DLP technologies Professional Skills Excellent analytical and problem-solving abilities Strong written and verbal communication skills Ability to translate technical concepts for non-technical audiences Experience presenting security metrics and risk updates to senior leadership and boards Strong organizational skills with the ability to manage multiple priorities effectively Commitment to continuous improvement and operational excellence Why Join Us? You'll have the opportunity to: Influence and strengthen enterprise cybersecurity strategy Work with leadership on meaningful security initiatives Contribute to regulatory readiness and organizational resilience Grow your expertise in governance, risk, compliance, and security operations Be part of a collaborative team focused on continuous improvement and innovation Physical Requirements This position may require standing, walking, sitting, reaching, climbing, kneeling, crouching, and lifting up to 50 pounds occasionally. Specific vision abilities required include close vision, distance vision, color vision, peripheral vision, depth perception, and focus adjustment. NGFCU offers competitive compensation and a rich benefits package including medical, dental, vision, disability and life insurance, and a 401(k)-profit sharing plan with employer matching. Compensation and Job Title is commensurate with experience and may fall under the following pay ranges: Information Technology Security Analyst- $88,992 to $125,000 Annually Please note that the salary information is a general guideline only. Northrop Grumman Federal Credit Union considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as market and business considerations when extending an offer. We offer a competitive total rewards package including a wide range of medical, dental, vision, financial, and other benefits. We perform thorough background checks including verification of previous employment, education, credit checks and pre-employment drug screening. Any discrepancies in reported dates, titles, or degree information may result in an employment offer to be withdrawn. NGFCU is an Equal Opportunity Employer Pursuant to the Los Angeles Fair Chance Ordinance, we will consider for employment-qualified applicants with arrest and conviction records. Monday through Friday 9:00 am to 6:00 pm
