Information Security Analyst

At Axiom Bank, we encourage you to aim for the sky and leverage your expertise and passion to excel. We are a growing, dynamic organization – this is an exciting time to get on board!

We believe in the value of promoting a healthy work/life balance and are committed to recognizing the role everyone plays in our ongoing success. We offer the following benefits to our Full Time Employees:

• 12 Paid Holidays
• Generous Paid Time Off
• 4% Match on our 401(k)
• Medical, Dental and Vision Benefits
• 100% Company Paid Life, AD&D Insurance, Short and Long Term Disability

Key Responsibilities and Accountabilities

The Information Security Analyst works directly with the Information Security Officer (ISO) as a member of the Bank information security team. This position collaborates with Risk Management, Information Technology, Third-Party Risk Management, Enterprise Risk Management, Bank Compliance, Audit, HR, and Bank Operations personnel to maintain the Bank information security program and report on information security program compliance.

The Information Security Analyst’s Key Accountabilities include, but are not limited to the following:

• The Information Security Analyst’s key responsibilities and accountabilities include, but are not limited to the following:

• In support of ISO, respond to and work with internal and external auditors and regulators to maintain the information security program
• Perform assigned technical and administrative information security activities, such as
  • Manage user access review process
  • Perform vulnerability scans and configuration reviews
  • Monitor, analyze, and respond to suspicious information security events
  • Assist with tracking remediation of testing and assessment findings
  • Perform information security application administration functions for assigned technologies
• Support the ISO in the maintenance and implementation of information security documentation
• Participate in information security and third-party risk management activities
• Participate in information security program assessments and audits
• Participate in business continuity, disaster recovery, and incident response exercises
• Analyze and prepare response plans to internal and external assessments and audit tests conducted by internal teams and independent third parties
• Provide recommendations for information security improvements to the ISO
• Stay current with information security trends and industry research
• Other duties as assigned

Supervision of Personnel

• None

Working Conditions

• The responsibilities of this position are typically performed in a regular office work environment. Activities will require bending, reaching, analyzing information, spending considerable time in front of a computer screen, and may require lifting up to 50 lbs. The incumbent will be expected to be able to work Monday through Friday and work will mainly be performed at the Maitland location; occasional evening and weekend work will be required. Flexibility with work location and hours may be granted if circumstances permit.

Travel

• Up to 10 percent

Qualifications Summary

Education

• Bachelor’s degree in information systems, cybersecurity, or similar preferred
• Certified Information System Security Professional (CISSP) or significant progress towards this or a similar recognized professional certification (e.g., GIAC Security Essentials, CompTIA Security+, CISA)

Experience

• 3-7 years’ hands-on experience with information security governance, risk management or operations
• Deep knowledge of industry recognized information security standards (e.g., NIST CSF, ISO 27001, NIST 800-53, FFIEC, PCI)
• Experience working with external regulators and auditors in a heavily regulated industry preferred
• Experience working with one or more automated GRC platforms a plus.

Knowledge & Skills:

• Knowledge of applicable banking compliance regulations (e.g., FFIEC, OCC, GLBA)
• Strong Interpersonal skills and customer service are crucial
• Skilled in assessing technical system controls including access rules, authentication, encryption, data protection, configurations, and similar
• Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits
• Knowledge of operating systems (Microsoft Windows) and networking (TCP) security
• Expert in the use of Microsoft Office
• Ability to work with managed security service providers, vendors, and partners in the delivery of information security services
• Ability to gather, review, and analyze forensic evidence during investigations preferred         
• Able to meet deadlines and resolve problems in a timely manner
• Must remain well versed in security trends and threats in the banking industry
• Organized, detailed oriented professional committed to accuracy and quality

Other Duties - Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

The salary range for this position is $90,000-$125,000 and is commensurate with experience. 

(Reasonable accommodations may be made to enable individuals with disabilities to perform these tasks. If you need an accommodation, please contact us at hr@axiombanking.com)

Axiom Bank does not discriminate in employment opportunities or practices on the basis of any protected status. It is the policy of Axiom Bank to conduct background, credit reference and drug screening tests as a condition of employment. Drug Free Workplace. EOE/AA/Minority, Female, Disabled, Veteran

Axiom Bank is not seeking assistance or accepting unsolicited resumes from search firms for employment or contractor opportunities. Any resumes submitted without a valid contract will be considered the sole property of Axiom Bank and no fee will be paid.