Senior Information Security Analyst

About The Position

Requirements

• Associate degree or bachelor’s degree in the related field
• 3+ years in Information Security or Information Technology role
• Thorough knowledge of and security aspects of network systems.
• Familiarity with network security concepts including firewalls, IPS and IDS
• Knowledge of tools in following categories: WEB Filtering, EDR, SIEM, AV, IAM, PAM and Email Protection Systems
• Ability to work under stress of meeting numerous deadlines and requests that sometimes compete in priority.
• Ability and willingness to work a flexible schedule including weekends as necessary.
• Ability to troubleshoot problems and implement suitable solutions.
• Must keep current with technical aspects of position and know and use job-related functions and skills.
• Ability to communicate effectively with both technical and non-technical colleagues.
• Experience with risk assessment, certification and accreditation and enterprise security planning.
• Understanding of best practice security methodologies.
• Knowledge of any of: Critical Security Controls, FFIEC Examination Handbooks, NIST Cyber Security framework and Mitre ATT&CK framework.
• Ability to train others.

Nice To Haves

• At least one of: Security+, SSCP, CEH, GIAC, CISSP, CISA, CISM, or comparable certification highly desired

Responsibilities

• Management of various security tools used by the bank: EDR, SIEM, Email Security, Webfilter, vulnerability management program and privilege access management
• Research emerging security trends and provide recommendations for improvement of security policies, procedures, training, and incident response
• Support the execution of critical bank projects by representing the IS department as a project team member and providing directions on security implementation
• Responsible for supporting the bank’s information security oversight of policy through monitoring and analyzing security system alerts, incidents, vulnerabilities and coordinating the triage, analysis, and remediation process
• Manage internal security projects to implement best practice security practices throughout organization by working hand in hand with IT staff on implementation
• Collaborate with business lines to ensure security processes and tools are aligned with overall organization risk appetite
• Author, test, and evaluate security policy and controls to support the maturation process of the organization’s information security standards
• Develop and present Information Security training to organizations to improve end user behaviors
• Assist the Audit organization in documenting evidence of technology controls and compliance in meeting regulatory and legal requirements

Benefits

• Team members accrue paid time-off (PTO), receive Holiday (PTO) and are eligible to participate in the bank’s Health and Wellness benefits including Medical, Dental and Vision Plans, Flexible and Health Savings Accounts, and a 401(k) Retirement Plan.
• In addition, the company provides Disability Insurance, an Employee Assistance Program, and Basic Life Insurance.
• Company sponsored Tuition Disbursement and Loan Repayment programs are also available.
• Voluntary benefits include Supplemental Life Insurance, Accident, Critical Illness, Hospital Indemnity and Legal plans.