Please reference the schedule and minimum qualifications listed below before applying.

If you need assistance with filling out our application form or during any phase of the application, interview, or employment process, please notify our Human Resources Team at 801-366-6947 option 1 or email [email protected] and every reasonable effort will be made to accommodate your needs in a timely manner.

Job Summary

Job Description

To be effective, an individual must be able to perform each job duty successfully:

• Perform hands-on monitoring, triage, and investigation of security alerts across endpoint, network, cloud, and SaaS environments.
• Support on-call or escalation rotations as required for operational coverage.

• Execute day-to-day vulnerability management activities, including scanning, validation, risk analysis, and remediation tracking.

• Optimize policies and detections to improve signal quality and reduce false positives in cybersecurity tooling.

• Support the operational implementation of data classification, data loss prevention (DLP), and data protection controls.
• Monitor and investigate data protection alerts and events.

• Create, maintain, and continuously update security operations documentation, including runbooks, procedures, and standards.
• Participate in change management processes related to security tooling and review changes to controls for security impact and adherence to standards.

• Collaborate closely with Cybersecurity Engineering, Architecture, and Incident Response to provide operational feedback on tools, detections, and control effectiveness.
• Support audits, assessments, and regulatory activities by providing operational evidence and technical input.
• Stay current on emerging threats, vulnerabilities, and industry best practices, applying relevant insights to daily operations.

KNOWLEDGE, SKILLS, & ABILITIES

• 5+ years of progressive experience in cybersecurity operations or a closely related technical security role.
• Proven experience executing vulnerability management programs.
• Deep familiarity with managing endpoint security platforms (AV, EDR, XDR).
• Working knowledge of data classification, DLP, and data protection concepts.
• Strong analytical and troubleshooting skills with the ability to assess risk and prioritize response actions.
• Ability to produce clear, accurate technical documentation to support internal processes, regulatory and internal audits, and incidents.
• Ability to work independently with minimal oversight while collaborating effectively across teams.
• Self-starter with strong problem-solving, organizational, and time management skills.
• Adaptive to change and responds positively to altered circumstances or conditions.
• Possesses a desire and willingness to learn and continually update knowledge on security or business concepts, strategies, systems, etc.

EDUCATION & EXPERIENCE

• Bachelor’s degree in Information Security, Computer Science, or equivalent practical experience.
• Security+, CySA+, Security X, GCIH, GCED, GCIA, CISSP, or equivalent certifications. (Preferred)

PHYSICAL ABILITIES / WORKING CONDITIONS

• Physical Demands
  • Ability to sit, talk and hear consistently
  • Ability to lift up to 10 pounds frequently and up to 25 pounds occasionally.
• Environmental
  • There are no unusual environmental factors. Work is conducted in a typical office setting with moderate noise.

***This Job is not eligible to be performed in Colorado or Connecticut, either remotely or in-person.***

Mountain America Credit Union is an EEO/AA/ADA/Veterans employer.