Incident Responder 21-0638

$89,000 - $112,000 yearly
  • Schools First Federal Credit Union
  • Sacramento, CA, USA
  • Aug 20, 2021
Full time Information Technology

Job Description

Who We Are

SchoolsFirst FCU is the largest credit union in California and the nation’s largest credit union serving the educational community. We exclusively serve California school employees and their families. We were recently ranked the #1 credit union in California by Forbes, and recognized as one of the 50 Most Engaged WorkplacesTM in North America by Achievers. We’re growing and looking for talented, service-oriented people to join our team.


What We Believe

There’s a reason we love coming to work every day. We have the privilege of serving those who build the future: school employees, and the families whose sacrifices make their work possible. Not only are we passionate about living our mission of providing Members with world-class personal service and financial security, but we’re also dedicated to providing service to each other. That means creating an environment where you’re empowered to do what you do best every day, with opportunities for ongoing development and growth. So you can provide the trusted advice and financial expertise that makes a positive difference in the lives of our Members. It’s a truly unique culture, in an organization with a truly unique mission.

Position Summary

Participates as Incident Manager to handle all major incidents during business hours and extended business hours; maintains IT Incident Management program. Support unified monitoring of Infrastructure, Application and Business & IT services to proactively detect, predict and prevent service, application and security problems.

Essential Job Functions

  • Responsible for maintaining Security and Network Operations SLAs 24/7
  • Participates within the call rotation supporting the production environment 24x7x365
  • Assess and manage escalated issues to ensure timely resolution and to meet the operational service level targets and quality standards
  • Act as Incident Manager accountable for handling escalated issues to ensure timely resolution and to meet the operational service level targets and quality standards
  • Coordinate with vendors for technical support and escalated issues
  • Maintaining inter-divisional IT services & applications Available Dashboards; provides input and guidance for creating intra-divisional IT Availability Dashboards, including ServiceNow, Orion, Splunk, Tenable, and App Dynamic; ensures historical and real-time end-to-end visibility into critical IT services and applications.
  • Monitor and correlate multiple system events and apply advanced analytics to quickly detect potential security breach attempts and protect financial privacy. Leverage real-time monitoring, incident response and insider threat detection.
  • Proactively communicate incident status to respective stakeholders throughout incident lifecycle.
  • Design SPLUNK for data modeling, summary indexing, and reporting for trend and real-time monitoring
  • Leverage SPLUNK data for proactive fault detection by building/configuring tools to perform the function in a repeatable fashion; reduce alert fatigue and increase uptime
  • Execute automated cyber security and availability incident playbooks
  • Design and maintains automated response playbooks
  • Manage components of application performance monitoring (APM) and develop rules, alerts and notifications
  • Adhere to availability, response time metrics, and KPI reporting dashboards for the consumption of the Enterprise Availability and Continuity (EACO) team and various other interested teams within the organization
  • Collaborate with business, R&D, infrastructure, operations and other key partners to ensure operational readiness of new solutions and ongoing optimization/improvement of existing solutions
  • Assist with security vulnerability threat modeling/hunting of technical weaknesses
  • Research new technologies and products related to end-to-end application and infrastructure monitoring to suggest new monitoring solutions, insuring the enterprise is using current technology
  • Maintain knowledge on monitoring platform best practices; recommend changes to platforms or architecture as necessary to ensure adherence to best practices
  • All teammembers must comply with regulatory compliance and assigned training requirements including but not limited to BSA regulations corresponding to their specific job duties. Failure to do so may result in disciplinary and other employment related actions.
  • Performs other related duties as assigned or requested.



Education/Years of Experience/Certifications

  • Bachelor’s Degree, with a technical major, such as engineering or computer science or equivalent years of experience
  • 5 – 7 years of technical operations experience within a 24x7 environment (Production) with complex, multi-tiered, and highly available clustered systems (Linux/Windows) on premises and cloud required
  • Three (3) years of experience, implementing and maintaining Enterprise Monitoring Application required
  • Three (3) years administering SPLUNK with ITSI experience preferable
  • Scripting experience with languages such as VB, Java, PowerShell, and/or Python required
  • Three (3) years of managing medium to large-scale projects involving the coordination of other groups
  • Three (3) years of experience working with ITIL incident and problem management framework
  • Three (3) years of experience working with Tenable Security solution
  • Demonstrated ability to solve both structured and non-structured problems
  • Excellent written and verbal skills


One or more certifications or relevant experience:

  • CISSP (Certified Information Security Professional)
  • CCSP (Certified Cloud Security Professional)
  • MCSE (Microsoft Certified Systems Engineer)
  • CCNP (Cisco Certified Network Professional)


Technical Level Certifications (Required):

  • COMPTIA Security+
  • ITIL Foundation
  • Splunk Enterprise/Splunk Cloud Security Certified Admin
  • Splunk Power User



Additional Skills

Expert knowledge with 8 years of experience with several of the following Applications/Programs:

  • Microsoft Active Directory, Microsoft Exchange, Microsoft SQL
  • Enterprise network operations
  • SIEM management
  • SMA OpCon (workflow scheduling platform)
  • PowerShell / Python
  • Change Management
  • System Hardening
  • SOC Management Program
  • Proficient understanding of industry standard security guidelines: ISO 27001, NIST 800-53