Find The RightJob.

IT Audit & Remediation Analyst

Our Purpose
At Vibe, we are driven by our mission to elevate community and create opportunity. We believe in fostering an environment of inclusivity where every team member has the chance to grow professionally. Guided by our core values — be inclusive, educate, embrace change, and seek opportunities — we are dedicated to making a positive impact in the lives of our members and communities. As we continue to grow and expand our team, we are seeking passionate individuals who share our vision and are eager to join us in our journey. If you are someone who is passionate about making a difference and is committed to creating a brighter future for our communities, we invite you to explore this exciting opportunity at Vibe!

Your Role: IT Audit & Remediation Analyst
As the IT Audit & Remediation Analyst, you will manage, coordinate, and drive the remediation of IT and cybersecurity findings resulting from NCUA examinations, internal and external audits, vulnerability assessments, penetration testing, and third‑party risk assessments. Your work ensures control gaps—including advanced vulnerabilities affecting network, infrastructure, cloud/hybrid, and endpoint assets—are remediated in a timely, risk‑based, and sustainable way, with documentation aligned to regulatory expectations and industry best practices.

This role is ideal for someone who can translate technical findings into actionable plans, partner across teams to drive completion, and ensure remediation is done the right way—addressing process, technology, and people factors to reduce repeat issues.

What You’ll Do:

Own the remediation lifecycle: Manage end‑to‑end remediation for IT and cybersecurity findings from exams, audits, assessments, and third‑party reviews.
Turn findings into action: Translate findings into clear remediation tasks with scope, owners, milestones, and target completion dates.
Keep remediation audit‑ready: Maintain the centralized tracking system and ensure updates are accurate, timely, and documentation is ready for review.

Drive advanced vulnerability remediation across:

Network devices (firewalls, routers, switches, VPN concentrators, WAFs)
Servers & infrastructure services (AD, DNS, DHCP, email, virtualization platforms)
Endpoints
Cloud/hybrid assets (IaaS/PaaS configurations, security groups, identity controls)

Partner to implement and verify corrective actions such as:

Patch/firmware upgrades, secure configuration changes, service hardening
Removing insecure protocols/ciphers; tightening VPN and remote access settings
Segmentation improvements, ACL refinement, reducing lateral movement paths
Identity and privileged access hardening (MFA enforcement, admin tiering, credential hygiene)
Ensure lasting fixes: Confirm corrective actions address root causes
Build complete documentation packages: Remediation plans, approvals, implementation records, and before/after evidence (screenshots, logs, tickets, scan outputs).
Support change control: Coordinate remediation work through formal change management processes.
Report to leadership: Support reporting of vulnerabilities/remediation progress to the IT Steering Committee and Board of Directors.
Support exams & audits: Assist with collecting evidence documentation for IT audits and examinations.
Improve readiness: Support tabletop exercises and control reviews to reduce repeat issues and strengthen preparedness.

What We’re Looking For:

Education & Experience

Four‑year degree preferred in Information Technology (or strong business acumen)
Audit, risk, cybersecurity, technical, or network certifications preferred
3–5 years’ experience in IT infrastructure and security operations
3–5 years’ experience in IT risk management
Familiarity with NCUA and DIFS regulatory requirements preferred
3-5 years experience with vulnerability management
Working knowledge of network devices and endpoint security.
Experience with financial technology vendors/platforms (credit union industry) preferred

Skills & Abilities

Technical proficiency across systems and network infrastructure (Windows/macOS/Linux, network environments)
Strong analytical/problem‑solving skills for complex technical issues
Adaptability and ability to stay current with evolving threats, tools, and trends
Strong collaboration skills—able to work independently and cross‑functionally
Deep knowledge of information security frameworks, threat detection, vulnerability management, and incident response
Understanding of financial regulations and privacy laws (NCUA, FFIEC, GLBA)
Ability to assess, mitigate, and communicate security/technology risk effectively
Demonstrated positive communication approach and strong organizational skills

Why You’ll Love It Here

You’ll have real impact—your work strengthens security, resilience, and regulatory readiness across the credit union.
You’ll partner across IT, risk, and leadership to drive meaningful, lasting improvements, not just check-the-box fixes.
You’ll work in a mission‑driven organization where protecting systems and data helps ensure we can continue elevating community and creating opportunity for members.
You’ll be trusted with high‑visibility work that improves processes, strengthens controls, and supports long‑term growth.

Physical Requirements
These physical demands are representative of the physical requirements necessary for an employee to successfully perform the essential functions of the position. Reasonable accommodations can be made to enable people with disabilities to perform the described essential functions of the position. While performing the responsibilities of the job, the employee is required to hear, see, talk, stand, walk, stoop, kneel, lift, push, pull, and grasp.

Similar jobs