Information Security Operations Analyst

Summary:

Responsible for monitoring threats and assessing risk across the Bank while fostering collaboration between Information Security and Information Operations in order to help prioritize network and data security.

Qualifications:

Education: Bachelor's Degree in information systems or related field or equivalent combination of education and experience/training.

Licenses/Certifications: Valid Ohio's Driver's License.

Experience: A minimum of three years of combined experience in requirements development, operations analysis, testing controls or enterprise risk management.

Essential Functions:

Job Specific:

• Proactively monitors the environment to detect and implement steps to mitigate cyber-attacks before they occur.
• Provides technical expertise regarding security-related concepts to operational teams within the Information Technology Department and the business.
• Reviews, investigates, and responds to real-time alerts within the environment.
• Reviews real-time and historical reports for security and/or compliance violations.
• Monitors online security-related resources for new and emerging cyber threats.
• Assesses new security technologies to determine potential value for the enterprise.
• Conducts vulnerability assessments of the bank's systems and networks.
• Manages systems owned by the Information Security Team.
• Identifies and addresses security weaknesses within the bank's systems and networks.
• Monitors and assesses the bank's security protocols, processes, and procedures to identify threats and vulnerabilities.
• Communicates and documents security processes like vulnerability scanning and activity monitoring.
• Works with cross-functional teams, collaborating with IT security and operations teams to identify and prevent security threats.

Knowledge/Skills/Abilities:

• Excellent verbal and written communications at both business and deep technical levels.
• Advanced knowledge of multiple end-to-end systems development life cycles.
• Strong understanding of and experience with process improvement and process mapping.
• Identifying and testing controls.
• Strong understanding of ISO, NIST, FFIEC and other control frameworks.
• Strong understanding and experience of enterprise risk management.
• Excellent interpersonal skills.
• Strong knowledge of the business area that is being supported.
• Self-directed and motivated.
• The ability to manage multiple tasks.
• Excellent problem-solving skills.
• Technical writing.
• Ability to read and comprehend instructions, correspondence, technical manuals and memos.
• Ability to respond to common inquiries or complaints from employees, vendors and management.
• Ability to effectively present information to individuals one-on-one or a small group setting.
• Ability to articulate technical concepts to end-users.
• Good skills and knowledge of facilitation, situational awareness, conflict resolution, continual improvement, and empowerment.

Sutton Bank is an Equal Employment Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, sexual orientation, gender identity, pregnancy, disability or protected veteran status.