IT Security Analyst

About The Position

Requirements

• Knowledge of Wellby’s organizational functions and general operating policies and procedures.
• Knowledge of systems/computer field, including application design, hardware, software, and capabilities and limitations.
• Knowledge of network security resources such as intrusion prevention, network access control, port security, and network isolation techniques.
• Knowledge of endpoint threat detection and prevention technologies.
• Knowledge and understanding with SIEM platforms.
• Knowledge and understanding of data loss prevention and data governance tools.
• Knowledge and understanding of open-source penetration tools and threat-hunting platforms.
• Knowledge and understanding of TCP/IP, networking, routing, ACLs, and network devices.
• Knowledge of common programming languages is encouraged.
• Ability to work in a fast-paced team environment with exceptional member service skills.
• Ability to communicate clearly and concisely, orally and in writing.
• Ability to motivate others and to work in a large cross-functional team dynamic.
• Ability to efficiently understand and follow oral and written instructions, perform routine duties without close supervision, and establish and maintain effective working relationships with other team members.
• Ability to coordinate several concurrent activities simultaneously.
• Ability to explain technical information in understandable language to non-technical team members.
• Ability to develop, interpret and apply program regulations.
• Bachelor’s degree is required.
• Minimum three (3) to five (5) years of experience in information security or information technology.
• One year of relevant work experience may be substituted for one year of required education.
• Bondable

Nice To Haves

• One or more current industry-recognized information security certifications are highly desirable.

Responsibilities

• Willingness and ability to exhibit Wellby’s Core Values every day.
• Works with purpose and is driven to provide the best team member experience.
• Monitors security information and event management (SIEM) tools to detect and respond to security incidents, indicators of compromise, and breaches.
• Analyzes security incidents, indicators of compromise, and breaches, to determine their impact, origin, and resolution.
• Coordinates with IT teams and vendors to address and mitigate identified security threats.
• Conducts vulnerability assessments, penetration tests, and system hardening assessments to identify and address security weaknesses on an ongoing basis.
• Monitors security patches and updates to ensure system integrity.
• Collaborates with IT teams and vendors to ensure secure configuration and deployment of systems and applications.
• Analyzes security requirements for new systems, applications, and vendors.
• Recommends additional security measures and controls.
• Identifies hardware and software that are nearing the end of support.
• Promotes a culture of security awareness through training, education, and ongoing communication.
• Reviews violations of security processes and procedures.
• Keeps abreast of security best practices, new or improved security technologies, and cyber-threat intelligence and attack vectors.
• Monitors and restricts sensitive, confidential, or high-security data access.
• Participates in cyber-based risk assessments, audits, tests, and assessments to ensure the proper functioning of data processing activities and security measures.
• Helps to enforce security policies and procedures. Monitors the environment to ensure that applicable security-related compliance frameworks are being followed.
• Works effectively in a team atmosphere to perform duties and achieve daily operational goals.
• Meets productivity standards in accordance with Wellby’s confidentiality policies and organizational values.
• Responsible for all information concerning the Bank Secrecy Act, including: Reporting all suspicious activity to the BSA Officer. Attending required annual BSA training.
• Performs other related duties as assigned.