Internal Security Analyst Expert

The successful candidate will work for Cybersecurity's Internal Security program in a critical role designed to help protect and defend against the loss of Huntington’s most critical data and the misuse and/or abuse of Huntington’s Corporate systems and information. In this position of high trust, the Internal Security Analyst Expert will serve in a consultative type role related to protection of intellectual property and the security of Huntington’s most critical assets in accordance to established policies and standards. The analyst will become a subject matter expert and play an important role in testing and evaluating new processes designed to help improve visibility into potential gaps in the current operating environment as required from Insider Risk, Internal Fraud and Data Protection perspectives. 

Responsibilities:  

• Under general direction, independently administer assigned data protection systems/services, in accordance with appropriate policies, SLAs, and directions from leadership; execute and design BAU Data Protection processes including but not limited to Internal Security Consultations, Quality Control, Exception Management, Internal Security Strategy and Governance, Risk and Audit coordination, and supporting other Internal Security pillars as appropriate.  
• Investigate/Monitor output of Internal Security technology to ensure effective operation and respond to events following standard operating procedure; provide independent analysis/Root Cause Analysis (RCA). 
• Design, generate and publish data protection metrics, provide independent analysis of trends and root cause analysis (RCA). 
• Develop workflow for incident and alert generation for protected data policy infringement. 
• Design and maintain internal Data Classification and Data Protection Standards.
• Design and maintain standard operating procedures, run books and topology / data flow drawing for aligned Internal Security solutions. 
• Support the evaluation, selection, and implementation of data protection technologies. 

Basic Qualifications: 

• Bachelor’s degree 
• 7 Years IT experience required (Military Service may qualify) 

Preferred Qualifications: 

• 3 years team lead or technology subject matter expert lead. 
• MS Office (Word, Excel, PowerPoint) 
• Demonstrated history in analyzing security artifacts and business impact to properly design process improvement opportunities/strategies and advise colleagues/customers through critical situations.  
• Excellent communication skills (writing reports for management/senior management, presenting to small groups/forums, etc.) 
• Multi-tasking effectively in fast pace environment 
• Advanced analytical problem solving 
• Intermediate programming skills (read/interpret scripts, write basic scripts) with the following languages: Python, PowerShell, Java, Java Script, SQL or equivalent  
• Direct hands-on experience within Cyber Security organizations designing, implementing, administering and supporting related technologies or services. Preference for Data Protection technologies. E.g. DLP, CASB, UAM, etc.  
• Experience with design, build, and implementation of detective and preventative controls to govern Generative AI and other emerging technologies.   
• Computer Science, MIS, IT Communication Systems/Networking or STEM discipline focus 
• CISSP; CEH; CompTIA Network+, A+, Server+ or equivalent; ITIL Fundamentals; Security +; Cisco’s CCNA, CCNP; Microsoft MCP (Microsoft Certified Professional), advanced Microsoft or Amazon Web Services (AWS) certifications 
• Cross team or system data collection, correlation and analysis 
• Leadership 
• Independently identify and document programmatic or technological issues 
• Independently make recommendations for process improvement 
• Expert and hands-on working knowledge of two or more of the following: 
• Networking Design and Operations (OCI Model, TCP/IP, Interconnecting Network Devices, SSH, SSL/TLS Encrypted Communications, X.509 Certificate Management, Kerberos, SMTP, HTTP/HTTPS 
• Data Privacy Fundamentals and Advanced Concepts (Working knowledge with Data Privacy Laws and Regulations specific to Financial Industries, Personal Information (PI) protection, Privacy Breach incident management, reporting/impact, investigation & analysis) 
• Cyber Security Advanced Concepts (Vulnerability Management, Network Security/Secure Transmission Management, Data Loss Prevention, Insider Risk, Identity Access Management, Threat Intelligence, Penetration testing, IT Risk Management) 
• IT Infrastructure Advanced Concepts (IT Infrastructure: Client/Server, Middleware services, 3 tiered architecture (Web/Middleware/Server & Databases), Databases, Cloud Services (IaaS, PaaS, SaaS) 

#Hybrid

#LI-SG1

Exempt Status: (Yes = not eligible for overtime pay) (No = eligible for overtime pay)

Workplace Type:

Our Approach to Office Workplace Type

Certain positions outside our branch network may be eligible for a flexible work arrangement. We’re combining the best of both worlds:  in-office and work from home. Our approach enables our teams to deepen connections, maintain a strong community, and do their best work. Remote roles will also have the opportunity to come together in our offices for moments that matter. Specific work arrangements will be provided by the hiring team.

Huntington is an equal opportunity and affirmative action employer and is committed to providing equal employment opportunities for all regardless of race, color, religion, sex, national origin, age, disability, sexual orientation, veteran status, gender identity and expression, genetic information, or any other basis protected by local, state, or federal law.

Tobacco-Free Hiring Practice: Visit Huntington's Career Web Site for more details.

Agency Statement: Huntington does not accept solicitation from Third Party Recruiters for any position