Information Security Analyst

About The Position

Requirements

• 3-5 years of information security experience in a financial or regulated environment
• Bachelors degree in a relevant Information Technology field
• Knowledge of financial regulations such as GLBA, NCUA, and FFIEC
• Experience with SIEM, EDR, and vulnerability scanning tools
• Understanding of networking, operating systems, and security architecture
• Ability to analyze threats and recommend mitigations strategies
• Strong documentation and communication skills
• Attention to detail, analytical thinking, cross team collaboration and adaptability in a regulated environment

Nice To Haves

• Security certifications such as Security+, CySA+, CEH, or CISSP associate
• Experience with core banking systems and financial applications
• Scripting or automation skills (Python, PowerShell)

Responsibilities

• Security monitoring and incident response: Investigate SIEM alerts, analyze logs, coordinate containment, and support post-incident reviews.
• Regulatory compliance support: Assist with GLBA, NCUA, NIST Cybersecurity Framework 2.0, and internal audit activities.
• Vulnerability management: Perform scans, validate findings, prioritize remediation, and track closure with IT teams.
• Access control administration: Support access review program and review identity protection logs.
• Risk assessments: Support periodic risk assessments, evaluate control effectiveness, and document mitigation plans.
• Vendor security reviews: Assess third-party risk, review SOC reports, ad ensure vendors meet security requirements.
• Security awareness initiatives: Deliver training, run phishing simulations, and promote a strong security culture.
• Audit and reporting: Prepare documentation for audits, board reports, and regulatory examinations.