Information Security Analyst I

About The Position

Requirements

• Bachelor’s degree in computer science, information security, business administration, or similar; relative years of work experience can be substituted for a bachelor’s degree
• 2 or more years of related work experience in vendor management, risk management, or related roles
• Basic proficiency in scripting languages such as Python or PowerShell
• Experience with SIEMs, firewalls, email security, vulnerability management, IDS/IPS, and cloud technologies
• Ability to manage multiple tasks and work in a fast-paced environment
• Cyber security investigation, research, and troubleshooting
• Understanding of data privacy and security concepts
• Proficiency in Microsoft Office, particularly Excel, Word, and PowerPoint
• Adaptability to changing priorities and deadlines
• Analytical, critical thinking, and problem-solving skill with attention to detail
• Ability to work independently and collaboratively in a team environment

Nice To Haves

• Security+, SSCP, GIAC, or similar industry certifications
• Prior experience working in a regulated environment

Responsibilities

• Monitor and analyze daily threat intelligence feeds and alerts using threat intelligence tools, identifying potential threats and escalating as necessary.
• Conduct regular threat hunting activities using threat intelligence tools, focusing on indicators of compromise (IOCs) and suspicious behaviors.
• Assist in vulnerability management processes, including reviewing scan results and supporting remediation efforts.
• Support the development and updating of threat intelligence playbooks, ensuring alignment with the NIST Cybersecurity Framework.
• Assist in analyzing security incidents related to threat management, email security, endpoint security, network security, and physical security devices, providing reports and improvement suggestions.
• Prepare and distribute weekly threat intelligence reports, summarizing trends, potential risks, and mitigation recommendations.
• Participate in threat simulation, incident response, and red team exercises to test and improve the bank's detection and response capabilities.
• Assist in quarterly vulnerability assessments, providing actionable recommendations for risk mitigation.
• Assist in firewall management and reviews to ensure proper configurations and functionality.
• Support email security monitoring activities, investigating potential phishing or malware incidents using email security platforms.
• Collaborate with the physical security team to ensure the security and proper maintenance of physical security devices.
• Contribute to the monthly review and update of physical security device configurations, ensuring compliance with security policies and guidelines.

Benefits

• Robust medical, dental, and vision insurance packages
• Generous time off, including paid federal holidays and paid day off for your birthday
• 401(k) retirement savings plan
• Tuition reimbursement, professional development, and career growth opportunities
• Employee assistance program
• Comprehensive wellness program