Information Security Specialist
WHO WE ARE:
Freedom Financial Network is a family of companies that takes a people-first approach to financial services, using technology to empower consumers to overcome debt and create a brighter financial future. The company was founded in 2002 by Brad Stroh and Andrew Housser on the belief that by staying committed to helping people, you can ensure better financial outcomes for both the customer and the business. This Heart + $ philosophy still guides the vision of our growing company, which has helped millions of people find solutions for their financial needs.
What began with 2 people in a spare bedroom has now rapidly expanded to a vibrant business that employs over 2,200 employees (known internally as The Freedom Family) in two locations: San Mateo, CA and Tempe, AZ. When you visit either of our offices, you’ll understand why our employees have voted us the Best Place to Work for the last several years. It’s a place where the Heart + $ philosophy continues to thrive, where we believe that success is only achieved by doing what’s right for our customers, our employees, and our communities.
In order to create brighter futures for our clients, employees, and businesses, Freedom Financial Network holds itself to four core values that have grown out of our Heart + $ philosophy: to care for everyone around us, act with integrity every time, collaborate with everybody we work with, and get better at what we do every day.
The Information Security Specialist is a technical expert concerned with firewall logs, router logs, operating system logs, anti-virus system logs, intrusion detection systems, intrusion prevention systems, message authentication code checking systems, file hash checking routines, public key certificate checking systems, content filtering systems, data loss prevention systems, virtualization monitoring systems, and other automated mechanisms that immediately detect unauthorized activity on Freedom Financial Network information systems.
With a focus on both internal and external facing systems, the Information Security Specialist envisions, designs, specifies, implements, and monitors those controls that immediately detect that an intentional attack against Freedom Financial Network information systems is now underway. The Specialist also fosters automated integration and interoperability across multiple vendors’ security appliances; this integration is not just between those appliances that are deployed within Freedom Financial Network production systems, but also between those internal devices connected to outside parties.
- Regularly reviews the current configurations of Freedom Financial Network production information systems and networks, with an eye towards the steps that attackers must take to break through existing defenses, and recommends configuration changes, system setting changes, network topology changes, and other modifications that would enhance the overall level of security
- Designs, specifies, programs, deploys, and fine-tunes capabilities that analyzes the vast amount of log, audit trail, and other recorded activity, so as to be able to immediately detect unauthorized activity, especially intrusion by unauthorized parties and the execution of unauthorized software
- Acknowledging that manual responses to automated attacks are no longer sufficient protection, the Specialist designs automated scripts, automated contingency plans, and other programmed responses which are launched when an attack against Freedom Financial Network systems has been detected
- Designs, specifies, programs, and investigates middleware, and other system integration tools, which tie multiple security monitoring systems together so as to better meet Freedom Financial Network’s information security needs
- Integrates and interfaces information security monitoring systems with physical security monitoring systems so as to increase management visibility of the current situation, and also increase the overall level of security
- Works with Business Applications Programmers, Systems Programmers, and others who are building and modifying software and hardware for Freedom Financial Network, so as to better take advantage of the security monitoring tools deployed at Freedom Financial Network
- Fine-tunes the existing security monitoring systems so that false positives and false negatives are minimized, and so that both accurate and useful information is being actioned
- Works with the other technical staff who monitor information system activities, so as to be able to best utilize the information recorded on the systems that they monitor for information security purposes and tie these systems into information security monitoring systems
- Performs product evaluations for those information security monitoring systems that are being seriously considered for use on Freedom Financial Network production information systems
- Performs post-mortem analysis with logs, network traffic flows, and other recorded information to identify intrusions by unauthorized parties, as well as unauthorized activities of authorized users
- The desire to LEARN and GROW
- Bachelor's degree preferred
- 5 + years of enterprise systems security experience with emphasis on technical configurations
- Incident response and DLP
- Ability to identify problems, analyze data and present conclusions effectively
- Experience with Security Information Event Management (SIEM) tuning and reporting
- Solid understanding of Vulnerability Management, including an understanding of the process and activities required in vulnerability scanning, identification and reporting through to vulnerability remediation efforts
- Knowledge of frameworks, standards, and best practices (i.e. NIST, OWASP, PCI, ISO, COBIT,)
- CISSP, CEH, CISM or similar certifications
- Critical Thinking -- Using logic and reasoning to identify the strengths and weaknesses of alternative solutions, conclusions or approaches to problems.
- Active Listening -- Giving full attention to what other people are saying, taking time to understand the points being made, asking questions as appropriate, and not interrupting at inappropriate times.
- Writing -- Communicating effectively in writing as appropriate for the needs of the audience.
- Skilled at communicating and prioritizing threats and vulnerabilities to a diverse audience, and be able to confidently express and assist with proper remediation methods
CULTURAL FIT (Our Core Values):
- Care (for everyone): We show compassion and contribute to the well-being and growth of those around us. We only pursue products that improve the financial lives of our clients.
- Act with Integrity (every time): We take the right action even when it is hard and even when no one is watching. We treat our employees, clients, and communities the way they wish to be treated.
- Get Better (every day): We innovate, iterate, and improve each day. We are creative, take thoughtful risks, and ultimately learn and recover from failures.
- Collaborate (with everybody): We strive to work together toward a common purpose by proactively sharing information and inviting participation. We recognize the perspective of various groups and embrace healthy, constructive debate.
WHY JOIN THE FREEDOM FAMILY?
- Fast, continued growth – there’s a lot of opportunity for advancement
- Voted a Phoenix Best Place to Work 9 times by our employees including the #1 spot for 2 years in a row!
- Benefits start within 30 days
- 401k with employer match
- 3 weeks’ paid vacation (increased with tenure)
- 9 paid holidays & 5 sick days
- Paid time off for volunteer work and on your birthday
Attention Agencies & Search Firms: We do not accept unsolicited candidate resumes or profiles. Please do not reach out to anyone within Freedom Financial Network (FFN) to market your services or candidates. All inquiries should be directed to Talent Acquisition only. We reserve the right to hire any candidates sent unsolicited and will not pay any fees without a contract signed by FFN’s Talent Acquisition leader.