Information Security Analyst - Cyber Risk

Overview

Assist in Cyber Risk analysis duties to protect employees, clients and operations from various cybersecurity threats. Contribute to overall Information Security team activities and functions.

Responsibilities

• Assist in the performance of information security assessments on current and future technologies and vendors to ensure compliance. This includes operating systems, applications, databases, network devices, vendors and third parties.
• Assist with the evaluation of third-party risk, and contribution to vendor assessments.
• Contribute to team efforts to develop, refine and execute our responses to various incidents including, but not limited to, malware infections, data breaches, website defacements, and client account takeovers. Also, assist in performing tabletop tests with various departments to enhance and maintain the Incident Response Program.
• Perform bank-wide system user access reviews.
• Work with the business units to coordinate business impact analysis, business continuity assessments, and disaster recovery planning.
• Perform tier 1 support, event response and general administration of cyber risk focused tools as well as maintain general proficiency with broader information security technologies.
• Contribute to the vulnerability management program including identifying, prioritizing and tracking vulnerabilities to remediation. Includes working closely with the Information Technology team to ensure patches are applied timely and completely.
• Assist and provide oversight to third-party penetration tests evaluating physical and logical controls and social engineering. Also, assist with conducting penetration tests on new technologies and processes if requested.
• Help optimize security technologies and processes for greater efficiency and protection.
• Respond to threats leveraging existing solutions such as Endpoint Detection and Response (“EDR”), Security Information Event Management (“SIEM”), next generation firewalls, and email gateways.
• Analyze security logs, alerts, and other data to detect and investigate potential security threats or incidents.
• Collaborate with various stakeholders to develop and implement security policies, procedures, and incident response plans.

Qualifications

• Bachelor’s degree in a relevant field or minimum 2 years of related experience.
• Preferred certifications in Cyber Security, CC or Security+.
• Understanding of regulated business environments.
• MS Office proficiency required (Word/PowerPoint/Excel/Outlook).
• Familiar with security core fundamentals and best practices.
• Must have excellent communication and written skills to be able to present to the business.
• Excellent analytical and problem-solving skills.

WORKING CONDITIONS:

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Regular attendance and punctuality are essential functions of every job. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform essential functions.

Perform routine and typical tasks of an office such as typing, taking notes, reading/reviewing, computer work, filing, copying, answering phones, etc. that may require employee to view, stand, stoop, kneel, or crouch and lift.

The successful candidate will be required to prove on the first day of work that they are legally authorized to work in the U.S. The Bank will not sponsor a candidate for a visa or for work authorization.