
Information Technology Security Analyst- Hybrid
Northrop Grumman Federal Credit Union · Gardena, CA
- On site
- Full-time
- $125,000 / year
- Gardena, CA
Email the hiring manager to get a response.
Get their verified email + an intro that's ready to send.
Subject: Interested in the Information Technology Security Analyst- Hybrid role at Northrop Grumman Federal Credit Union
Hi Avery — I came across the Information Technology Security Analyst- Hybrid opening and wanted to reach out directly. I've spent the last few years doing exactly this kind of work, and Northrop Grumman Federal Credit Union stood out because…
✎ Personalized to your résumé after sign-up.
- ✓ Verified email of the hiring manager
- ✓ Intro email personalized to your résumé
- ✓ $9/mo = unlimited — any job link
Secure checkout · cancel anytime
Job highlights
- Strengthen cybersecurity and governance programs.
- Conduct risk assessments and manage vulnerabilities.
- Monitor security alerts and investigate incidents.
- Support audits and drive continuous improvement.
- Collaborate with teams on security practices.
About the role
Information Technology Security Analyst - Hybrid at Northrop Grumman Federal Credit Union
Are you passionate about cybersecurity, risk management, and building stronger security programs in highly regulated environments? We’re looking for an experienced Information Technology Security Analyst to help strengthen and evolve our Information Security Governance Program while protecting critical systems, sensitive data, and organizational operations.
In this role, you’ll work at the center of cybersecurity governance, compliance, risk management, and security operations—partnering with IT teams, leadership, auditors, and external security partners to continuously improve our security posture and cyber maturity.
If you thrive in a collaborative environment, enjoy solving complex security challenges, and want to make a meaningful impact, we’d love to hear from you.
What You’ll Do
As our Information Technology Security Analyst, you will:
Security Governance & Compliance
- Support and enhance the organization’s Information Security Governance Program
- Develop, maintain, and review security policies, standards, and procedures
- Ensure alignment with industry frameworks including NIST CSF, NIST 800-53, CIS Controls, and ISO 27001
- Assist with regulatory compliance efforts related to NCUA, FFIEC, GLBA, and related standards
- Prepare and present cybersecurity reports, metrics, and risk updates to leadership and board committees
Risk Management & Assessments
- Conduct security risk assessments across infrastructure, applications, cloud platforms, and third-party vendors
- Review SOC reports, penetration test results, certifications, and vendor security documentation
- Lead Business Impact Assessments and support Business Continuity and Disaster Recovery initiatives
- Support enterprise risk management and vendor risk management activities
Vulnerability & Security Operations
- Manage the full vulnerability lifecycle: identification, prioritization, remediation, and reporting
- Monitor daily security alerts and incidents across SIEM, endpoint protection, DLP, email security, and web filtering platforms
- Investigate incidents, perform root cause analysis, and coordinate remediation efforts
- Monitor for phishing sites, malicious domains, and emerging cyber threats
Audits, Controls & Continuous Improvement
- Support internal and external audits, penetration tests, and ITGC reviews
- Audit system configurations against CIS benchmarks and security standards
- Track remediation activities and perform control testing
- Contribute to cyber maturity assessments and continuous improvement initiatives such as ACET and CAT
Collaboration & Awareness
- Partner with internal teams, MSSPs, auditors, and business units to strengthen security practices
- Deliver cybersecurity awareness guidance on phishing, social engineering, and data protection
- Stay current on emerging threats, technologies, and regulatory developments
What You Bring
Required Qualifications
- Bachelor’s degree in Cybersecurity, Information Security, Computer Science, Information Technology, or related field (or equivalent experience)
- 5+ years of experience in cybersecurity, information security, GRC, or technology risk
- Experience working in financial services or other regulated environments preferred
Technical Knowledge & Skills
- Strong understanding of: NIST CSF, NIST 800-53, CIS Controls, ISO 27001
- Experience implementing and auditing CIS Critical Controls and security benchmarks
- Familiarity with NCUA, FFIEC, and GLBA requirements
- Experience with: Vulnerability management, Penetration testing remediation, Third-party/vendor risk assessments, SOC report reviews, SIEM and security monitoring tools, Endpoint protection and DLP technologies
Professional Skills
- Excellent analytical and problem-solving abilities
- Strong written and verbal communication skills
- Ability to translate technical concepts for non-technical audiences
- Experience presenting security metrics and risk updates to senior leadership and boards
- Strong organizational skills with the ability to manage multiple priorities effectively
- Commitment to continuous improvement and operational excellence
Why Join Us?
You’ll Have The Opportunity To
- Influence and strengthen enterprise cybersecurity strategy
- Work with leadership on meaningful security initiatives
- Contribute to regulatory readiness and organizational resilience
- Grow your expertise in governance, risk, compliance, and security operations
- Be part of a collaborative team focused on continuous improvement and innovation
Physical Requirements
This position may require standing, walking, sitting, reaching, climbing, kneeling, crouching, and lifting up to 50 pounds occasionally. Specific vision abilities required include close vision, distance vision, color vision, peripheral vision, depth perception, and focus adjustment.
NGFCU offers competitive compensation and a rich benefits package including medical, dental, vision, disability and life insurance, and a 401(k)-profit sharing plan with employer matching.
Compensation and Job Title is commensurate with experience and may fall under the following pay ranges:
Information Technology Security Analyst- $88,992 to $125,000 Annually
Please note that the salary information is a general guideline only. Northrop Grumman Federal Credit Union considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, education/training, key skills, internal peer equity, as well as market and business considerations when extending an offer. We offer a competitive total rewards package including a wide range of medical, dental, vision, financial, and other benefits.
We perform thorough background checks including verification of previous employment, education, credit checks and pre-employment drug screening. Any discrepancies in reported dates, titles, or degree information may result in an employment offer to be withdrawn.
NGFCU is an Equal Opportunity Employer
Pursuant to the Los Angeles Fair Chance Ordinance, we will consider for employment-qualified applicants with arrest and conviction records.
Key skills/competency
- Information Technology Security Analyst
- Cybersecurity
- Risk Management
- Information Security Governance
- NIST CSF
- NIST 800-53
- CIS Controls
- ISO 27001
- NCUA Compliance
- Vendor Risk Management
Skills & topics
- Information Technology Security Analyst
- Cybersecurity
- Information Security
- GRC
- Risk Management
- NIST
- Compliance
- SIEM
- Vulnerability Management
- Financial Services
How to get hired
- Tailor your resume: Highlight cybersecurity, GRC, and risk management experience. Emphasize regulated environment work.
- Showcase technical skills: Detail your knowledge of NIST CSF, ISO 27001, and SIEM tools.
- Quantify achievements: Use numbers to demonstrate impact in vulnerability reduction or compliance efforts.
- Prepare for interviews: Be ready to discuss complex security challenges and your problem-solving approach.
- Research NGFCU: Understand their mission, values, and commitment to security in financial services.
Technical preparation
Behavioral questions
Frequently asked questions
- What are the key responsibilities of an Information Technology Security Analyst at Northrop Grumman Federal Credit Union?
- The Information Technology Security Analyst at Northrop Grumman Federal Credit Union is responsible for enhancing the Information Security Governance Program, conducting risk assessments, managing vulnerabilities, monitoring security operations, supporting audits, and collaborating with internal and external teams to improve the organization's security posture.
- What qualifications are required for the Information Technology Security Analyst role?
- A Bachelor's degree in a related field (or equivalent experience) and 5+ years of experience in cybersecurity, information security, GRC, or technology risk are required. Experience in financial services or regulated environments is preferred.
- What technical knowledge is essential for this Information Technology Security Analyst position?
- Essential technical knowledge includes strong understanding of NIST CSF, NIST 800-53, CIS Controls, ISO 27001, vulnerability management, penetration testing remediation, vendor risk assessments, SIEM tools, and endpoint protection.
- How does Northrop Grumman Federal Credit Union approach cybersecurity compliance?
- Northrop Grumman Federal Credit Union ensures alignment with industry frameworks like NIST CSF, NIST 800-53, CIS Controls, and ISO 27001, and assists with regulatory compliance related to NCUA, FFIEC, and GLBA.
- What opportunities for growth are available for an Information Technology Security Analyst at NGFCU?
- This role offers opportunities to influence enterprise cybersecurity strategy, work on meaningful security initiatives with leadership, contribute to regulatory readiness, grow expertise in GRC and security operations, and be part of an innovative, collaborative team.
- What is the work arrangement for the Information Technology Security Analyst position?
- The Information Technology Security Analyst position is a hybrid role, allowing for a combination of on-site and remote work.
- What is the typical salary range for an Information Technology Security Analyst at Northrop Grumman Federal Credit Union?
- The annual salary range for an Information Technology Security Analyst at Northrop Grumman Federal Credit Union is approximately $88,992 to $125,000, commensurate with experience and other factors.
