IT Security Analyst I

Middlesex Savings Bank-posted 2 days ago
$62,682 - $111,280/Yr
Full-time • Entry Level
Hybrid • Westborough, MA
501-1,000 employees
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

The IT Security Analyst I is responsible for supporting the Bank's IT Security preventative and reactive measures including but not limited to Technology governance, risk, and compliance. IT governance-related duties include ensuring security controls are in place, effective, and that risks are recorded and actively being managed. Other tasks include configuration management, asset management, patch management, software/hardware lifecycle, threat intelligence, user activity monitoring, and reporting thereof. This role is expected to be fully aware of the Bank's security goals as established by its stated policies, procedures and guidelines and to actively work towards upholding those goals. Other duties include collaboration with senior IT Security personnel to optimize security tools and processes. Performs any functions, within scope of authority and expertise, to provide the highest level of service and responsiveness to customers and co-workers. This is a Hybrid work schedule, 3 days in the office and 2 days remote in Massachusetts.

  • Maintain the Bank’s IT security program control framework to ensure compliance with industry standards (NIST, CIS, FFIEC) and MSB’s IT security control requirements.
  • Develop systems and processes for identifying, managing, and reporting risks.
  • Provide governance, risk, and compliance data insights to drive improvement across the IT system.
  • Compile metrics/reporting for the weekly IT Governance report. Facilitate weekly presentation to stakeholders.
  • Design and implement security controls for our infrastructure and critical systems.
  • Assigns responsibility for IT Governance related issues and tracks them to resolution.
  • Continually working to improve the Banks overall security posture.
  • Track and understand emerging security practices and threats. Leverage this knowledge to improve security configurations across the enterprise and hunt for potential or active t threats.
  • Manage daily volume of offline computers. Triage and resolve issues so computers can join network and be managed.
  • Reconcile asset type risk scores regularly and report metrics and issues to IT Division.
  • Conduct hardening assessments of hardware and software to identify noncompliance of standards and define remediation requirements.
  • Regular maintenance of configuration hardening benchmarks.
  • Monitoring, delegation, and investigation of vulnerabilities in a severity-prioritized process.
  • Development, deployment, and automation of scripts for remediation of vulnerabilities.
  • Systematic testing, deployment, and reporting of system patches.
  • Monitor, triage, and report on Threat Intelligence alerts accordingly.
  • Reconciliation of end-of-life/end-of-support hardware and software.
  • Authorization of software based on weight of business need and risk.
  • Regular upkeep of software versions within Bank infrastructure.
  • Workstation ownership - building, securing, and ongoing management of assigned workstation assets.
  • Identifying and mitigating vulnerabilities on assigned assets and applications.
  • Application ownership – configuring, implementing, securing, and ongoing management of the Bank’s security applications.
  • Recommend additional security solutions or enhancements to existing security solutions to improve overall security.
  • Participate in investigations into problematic activity.
  • Consults with third party vendors/suppliers as required.
  • Bachelor's Degree in computer science, information systems or equivalent work experience is required
  • 2+ years experience supporting security components and applying security best practices across an enterprise application/network infrastructure is required
  • Experience with managing and securing Microsoft Windows or Linux is preferred.
  • Working knowledge of IT security controls and how to determine their effectiveness.
  • Understanding of common security technologies and functions (Endpoint AV, Patch Management, Encryption, Vulnerability Scanning, etc.)
  • Working knowledge of common operating systems (Windows, Linux, etc.) and basic endpoint security principles
  • Passion and enthusiasm for Cyber Security
  • Demonstrates excellent communication, facilitation, efficient decision making and problem solving skills
  • Certified Information Systems Security Professional (CISSP) or equivalent security related certification Preferred
Track Jobs with Teal

Job Search Resources

AI Resume Builder
IT Security Analyst Resume Examples
IT Security Analyst Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service