Information & Physical Security Representative/Specialist

Description

Job Reporting Relationships

     Supervised by: Physical and Information Security Officer 

     Supervises: None

Basic Qualifications - Representative

Education/Training: Associate’s or bachelor’s degree in information technology, Cybersecurity, Computer Science, or a related field normally required. Relevant coursework in network fundamentals, security principles, and/or risk management preferred. 

Skill(s): Clearly communicates in English; moderate reading, writing, grammar, and mathematics skills; working knowledge of current banking regulations; moderate interpersonal relations and communicative skills; proficient PC and technology skills; moderate knowledge of complex networks, user security, and active directory administration; demonstrated analytical skills as well as visual, and auditory skills; Familiarity with access control, endpoint protection, and basic security tools; valid driver’s license.

Experience: A minimum of one (1) year of related experience normally required with Information and/or Physical Security experience preferred.

Basic Qualifications - Specialist

Education/Training: Bachelor’s degree in Cybersecurity, Information Assurance, Computer Science, or a related technical field normally required. Advanced coursework in cryptography, ethical hacking, and security architecture as well as CompTIA Security+, Certified Ethical Hacker (CEH), or similar subject matter coursework and/or certifications preferred. 

Skill(s): In addition to the skills listed above: advanced knowledge of complex networks, user security, and active directory administration; moderate knowledge of access control, endpoint protection, and security tools; proficiency in SIEM tools, firewalls, IDS/IPS, and vulnerability management platforms as well as risk assessments, audits, business continuity planning, business impact analysis performance, and policy development.

Experience: A minimum of two (2) years of progressive experience in information security, cybersecurity operations, or IT risk management minimally required. 

General Responsibilities

Supports the Bank’s Physical and Information Security Program by actively participating in the review, identification, implementation, mitigation and maintenance of security technologies, policies, and procedures including the Bank’s digital and physical environments. Ensures compliance with internal operating standards and external regulatory requirements. Contributes to the development, testing, and ongoing management of the Bank’s Business Continuity Plan (BCP) and Business Impact Analysis (BIA). Collaborates with management and staff to enhance the Bank’s security posture through regular communication, reporting, and training.

Essential Duties – Representative and Specialist

1.  Participates in reviewing security polices, procedures, and programs. Provide operational support, maintain documentation, recommend changes, and implement as directed.
2. Ensures effective operation and maintenance of security equipment including the testing of security and emergency equipment. Performs duties related to Emergency Notification System.
3. Assists in managing physical access at all location including the assignment of keys/fobs and conducting inspections for compliance and security risks. Assists in investigations (physical/information security and fraud) including interviews with witnesses and draft documentation working with appropriate departments, as needed.
4. Monitors, maintains and configures secure email gateway solutions to filter spam, phishing, and malware looking for email traffic containing anomalies and ensure compliance with email security policies. Responds to phishing emails by analyzing headers, links, and attachments blocking malicious senders. 
5. With direction, completes projects and work with vendors in support of security infrastructure.
6. Collaborates with IT and business units to ensure secure system architecture and software. 
7. Participates in required training, making recommendations and assisting in employee training/retraining.
8. Abides by the current laws and organizational policies and procedures designed and implemented to promote an environment which is free of harassment and other forms of illegal discriminatory behavior in the workplace.
9. Cooperates with, participates in, and supports the adherence to all internal policies, procedures, and practices in support of risk management and overall safety and soundness and the Bank's compliance with all regulatory requirements; works to ensure that assigned personnel adhere to the same.
10. Assists in preparation of annual security reports to the Board of Directors and periodic reports to the Physical and Information Security Officer and other groups as required throughout the Bank.
11. Reports pertinent information to the immediate supervisor as requested, or according to an established schedule; compiles information as necessary or as directed and provides data to appropriate Bank personnel in order to integrate goals and activities.
12. Responds to inquiries relating to his/her particular area, or to requests from other Bank personnel, within given time frames and within established policy.

Additional Responsibilities – Specialist

1. Assists with technical testing and monitor networks for security concerns with review of access control reports for compliance.
2. Monitors security alerts and assist in analyzing/responding to threats. Works with IT and vendors to identify and remediate vulnerabilities.
3. Reviews and maintains tools like firewalls, SIEM, IDS/IPS, endpoint protection, and DLP systems. Ensures adherence to encryption, password, and data loss prevention protocols.
4. Recommends staff adherence concerning security policies, procedures, and standards aligned with FFIEC, GLBA, PCI-DSS, etc. 
5. Participates in risk assessments and supports audits/exams. Participates in and assesses vulnerabilities and penetration testing efforts. 
6. Provide security awareness training to employees and stakeholders, as directed. 

Ancillary Duties

1. Performs tasks which are supportive in nature to the essential functions of the job, but which may be altered or re-designed depending upon individual circumstances.

Job Location

Support Center

1055 Texas Palmyra Highway

Honesdale, PA 18431

Various outside locations

Equipment/Machines

1. Automobile with bank defined minimum insurance
2. Telephone
3. Cellular telephone that supports mobile application management solution. 
4. PC/Computer keyboard
5. Multi-Function Device
6. Security equipment

Salary Range: NE04