Senior Information Security Analyst

About The Position

Requirements

• Solid understanding of network and system intrusion and detection methods; examples of related technologies include Next Generation Endpoint Detection and Response (EDR), Security information and event management (SIEM), hacking tactics techniques and procedures.
• Experience with Nessus, Metasploit, Splunk, Crowdstrike, and Fortinet firewalls.
• Proven ability to successfully partner with internal clients and vendors to align strategy with deliverables, identify business challenges and develop alternatives to mitigate.
• Strong service management and service delivery orientation.
• Strong written, oral, and interpersonal communication skills.
• Ability to present ideas in user-friendly language to a variety of constituent audiences.
• Proven ability to work within a changing environment and lead the implementation of change.
• Ability to assess the impact or potential impact of change management initiatives of various sizes and degrees of complexities on business financials and performance.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Ability to provide leadership and management at the departmental level with regards to projects, incident response, and team resources in an organized and effective manner.
• Act as a trusted advisor for enterprise initiatives, incidents, and projects.
• Bachelor's degree in related discipline or equivalent work experience.
• Minimum 5 - 6 years of progressively responsible professional experience in an Information Technology or Information Security environment with demonstrated experience in disaster recovery, Information Security. and/or IT audit.
• Prior experience implementing system solutions in a banking environment.
• Hands-on deployment of Splunk & Splunk ES use cases and log ingestion.
• Experience with creating Splunk dashboards and queries.

Nice To Haves

• Industry recognized Infosec certifications such as CompTIA Security+, CEH: Certified Ethical Hacker, GSEC: SANS GIAC Security Essentials, CISSP: Certified Information Systems Security Professional, CISM: Certified Information Security Manager, strongly desired.

Responsibilities

• Provide timely detection, identification, and alerting of possible attacks, anomalous activities, and misuse activities.
• Utilize an expertise in security solutions such as SIEM, IPS/IDS, End Point Security, Network Security, Database Security, Firewalls, Cloud Proxy, Network Access Control and Network Segregation to identify security risks.
• Ensure appropriate systems and controls exist to protect the confidentiality, integrity and availability of data residing on or transmitted to/from/through enterprise workstations, servers and other systems and in databases and other data repositories.
• Execute the deployment, integration and initial configuration of all new and enhanced information security solutions with IT partners in accordance with standard best operating practices and the enterprise’s documented information security procedures.
• Maintain information security documentation including procedures, processes and guidelines to ensure the organization’s information security and compliance with all applicable banking regulations.
• Coordinate and document incident reviews to ensure appropriate controls are implemented to prevent or mitigate risks for recurrence of security and continuity incidents and/or data breaches.
• Work with IT to maintain the bank’s Business Continuity and Disaster Recovery Plans, identify potential information security risks and develop mitigating controls where appropriate.
• Maintain ongoing communications with IT peers to ensure enterprise-wide understanding of information security goals, solicit feedback and foster co-operation.
• Support the information security activities of the bank’s external network sources.
• Maintain current knowledge and understanding of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
• Understand the IT threat landscape for banking and financial services industry.
• Help deliver enterprise-wide security awareness training for all employees to ensure consistently high levels of compliance with enterprise security requirements.
• Active participant in Incident Response Plan tabletop exercises.
• Create/Maintain vulnerability scans, and then analyze data and integrate into reporting and dashboard creation.
• Update security software tools to maintain current versions.
• Review and recommend security policies, controls and cyber incident response planning.
• Approve and oversee identity and access management (IAM) policies and system access control.
• Ensure continued compliance with laws and applicable regulations.
• Schedule and participate in periodic security assessments.
• Choose and recommend security products as necessary.
• Coordinate electronic discovery and digital forensic investigations.
• Ensure an inventory of technology assets, classified by sensitivity and criticality is properly maintained.
• Review relevant logs for security events.
• Lead and/or manage departmental efforts and resources to accomplish the strategic goals of the department.