Information Security Analyst II

Origin Bank is seeking an experienced Information Security Analyst II to join our Information Security team. This role is critical in safeguarding the bank’s sensitive data, systems, and customer information from cyber threats through contributions around improving security operations, security controls, response plans, and security awareness. The Information Security Analyst II will monitor and respond to security incidents, perform risk assessments, support audits and the implementation and management of security policies and controls to ensure compliance with industry regulations. This position requires a proactive problem-solver with solid technical skills and an understanding of cybersecurity best practices in a banking environment.

Duties and Responsibilities include the following:

• Security Monitoring & Incident Response: Investigate security incidents, document findings, and assist in developing incident response plans to minimize impact and prevent recurrence.
• Risk Assessments: Conduct periodic risk assessments and recommend mitigation strategies to ensure that the bank's information systems are protected against evolving cyber threats.
• Policy & Compliance: Assist in the development and enforcement of security policies, procedures, and controls to meet industry best practices and regulatory requirements (e.g., PCI DSS, GLBA, SOX, FFIEC).
• Threat Intelligence: Stay updated on emerging threats, vulnerabilities, and security trends. Collaborate with other departments to proactively enhance the bank’s security posture and strategies.

• Audits: Conduct periodic audits of security controls and assist with internal and external audit request as needed. Coordinate vulnerability remediation efforts and track progress.

• Reporting & Documentation: Document security incidents, assessments, and activities. Assist in the creation of regular reports for management on the status of the bank's security posture.
• Security Awareness & Training: Support and participate in security awareness training programs for bank employees to promote safe computing practices and a culture of security awareness.
• Collaboration: Work closely with IT, compliance, and other departments to resolve security issues, implement security controls, and ensure that security measures are embedded into all areas of the bank's operations.

Supervisory Responsibilities: This job has no supervisory responsibilities.

Qualifications: to perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Education and/or Experience

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• Experience: 3-5 years of experience in information security or related IT role, preferably in a financial services or banking environment
• Certifications (Preferred): CISSP, CISM, CISA, CEH, CompTIA Security+, GSEC, or similar certifications.
• Technical proficiency in security-related hardware and software; ability to function as a consultant to other IT groups on security matters.
• Knowledge of security controls for servers, workstations, network routers, and firewalls.
• Knowledge of security and internal control frameworks such as: ISO 27001, NIST 800-53, COBIT and COSO.
• Experience with implementation and management of compliance requirements such as PCI and SOX.
• Understanding and familiarity with audit requirements and process.

Soft Skills:

Strong analytical and problem-solving skills with a keen attention to detail.

Excellent communication skills, with the ability to explain security issues to stakeholders.

Ability to work both independently and as part of a collaborative team in a fast-paced environment.

Origin Bank is an equal opportunity employer and we do not discriminate in hiring or employment on the basis of race, color, sex, age, marital or veteran status, non-job related disability, religion, national origin, genetic information or any other basis protected by law.

Remote positions are intended to be filled in states within our footprint, which includes: Alabama, Florida, Louisiana, Mississippi, and Texas.  Any exception to this policy requires further regulatory review and approval by management.