Full-Time Information Security Analyst (J0000117)
As a member of the Information Security department, the Information Security Analyst will be responsible for implementing and operating security programs to protect computer systems, networks and data. This role is an ideal bridge or stepping stone for someone looking to transition from Desktop or User Support into the Information Security function.
The primary responsibility of the Information Security Analyst will be to develop operational processes and best practices for the organization in areas including, but not limited to, Identity and Access Management, Security Awareness and Training, Physical/Life Safety and Privacy. Other responsibilities include, system access reviews, risk assessments and other related activities in support of the team’s mission. Additionally, the Information Security Analyst assists in the response to business disruptions, security incidents and other control functions as necessary to satisfy the Information Security Team’s responsibilities.
This position is classified as sensitive. Sensitive positions are subject to a sensitive position background investigation.
- Implement information security processes, tools, techniques, and control activities defined by the Bank’s Information Security program.
- Manage the security awareness and training program.
- Conduct periodic access reviews for critical applications and server administrator access.
- Development and maintenance of standards, procedures, and guidelines necessary to satisfy the Information Security department’s operational responsibilities.
- Contribute to the development and administration of security monitoring and response tools, techniques, and procedures.
- Manage daily/weekly/monthly/quarterly operational activities required of the Information Security Governance program.
- Contribute to the development and maintenance of Information Security policies, standards, procedures, and guidelines.
- Conduct risk assessments to evaluate the effectiveness of existing controls and determine the impact of proposed changes to business processes, applications and systems.
- Provide recommendations to mitigate risks through the appropriate use of technical, procedural, and administrative controls in accordance with legal and regulatory compliance standards and established industry best practice.
- Participate in systems development projects to ensure that tasks assigned to the Information Security department are completed.
- Provide assistance to regulatory agencies, external auditors, internal auditors, and customers as required to respond to audits and examinations of the Bank’s control environment.
- Serve as the Records Retention Coordinator for the Information Security Department.
- Perform other duties of the Information Security department as assigned by management.
- Familiar with information security concepts, including provisioning, network security, application level security, disaster recovery and business continuity.
- Working knowledge of computer networking in a client/server environment, compliance monitoring tools, user provisioning, remote access and access reviews.
- Must be a motivated self-starter who can work independently or as part of a team.
- Good problem-solving and analytical skills.
- Creativity, ingenuity, leadership and teamwork skills.
- Must have good technical writing and documentation skills.
- Ability to communicate ideas effectively in a professional environment both verbally and in writing.
- Strong interpersonal skills.
- Must have strong organizational skills.
- Bachelor’s Degree in Computer Science, Management Information Systems or related field or comparable professional experience.
- 3-5 years Information Security or related experience preferably with a financial services firm.
1541 total views, 5 today