Security Analyst

About The Position

Requirements

• Bachelor's Degree or equivalent experience
• 3+ years minimum experience cybersecurity, vulnerability management, pen testing or a related IT security role.
• Banking experience preferred
• Relevant certifications such as CEH (Certified Ethical Hacker), Security+, CISSP, Azure Security Engineer

Nice To Haves

• Strong understanding of audit/risk management methodologies and regulatory requirements pertaining to information security, privacy and/or data security
• Basic understanding of industry standards (FFIEC, ISO, NIST, COBIT, COSO, ITIL)
• Ability to manage multiple complex priorities and competing agendas without express authority over delivery teams.
• Ability to interpret and apply policies and regulations.
• Analytical aptitude with an emphasis on investigative, methodical critical questioning and logical thinking; a data-driven decision maker
• High level of interpersonal skills to interact with leaders at multiple levels and facilitate team interactions.
• Strong written and oral communication skills. Must be able to effectively communicate with Operations staff, bank clients, auditors, and outside vendors.
• Collaboration - Ability to work across departments as needed.
• Strong attention to detail
• Excellent organizational and time management skills
• Capable of handling customer and teammate contact situations tactfully and professionally.
• Ability to think critically and interpret a variety of instructions.
• Mathematical abilities to ensure calculations are done correctly.

Responsibilities

• Review system security reports on a daily, monthly and yearly basis.
• Drive cyber security specific strategic initiatives through assigned LOB areas.
• Ensure LOB awareness of and compliance with IT/Security related policies and standards.
• Assist with ensuring adherence to information security policies, standards and procedures.
• Analyze security scan results, prioritize findings and provide clear guidance to technical teams for remediation.
• Advise on alternatives, such as compensating controls, to resolve issues and exceptions.
• Assist Systems/Network teams in identifying and remediating vulnerabilities in on-prem and cloud environments.
• Drive information protection strategy and initiatives through assigned LOB areas.
• Assist in security design and implementation of applications and equipment.
• Help identify and remediate business processes that are triggering data loss prevention 'DLP' monitoring tools. Develop and manage DLP parameters specific to LOB areas.
• Assist with internal and external audits.