POSITION SUMMARY:
The Information Security Analyst III is responsible for developing, implementing, and monitoring security measures to protect sensitive data and ensure compliance with industry regulations. This includes daily operational monitoring of security events and vulnerabilities, as well as risk management activities and security audits. This person will join a team of information security personnel responsible for protecting the confidentiality, integrity and availability of company assets. This opportunity is highly engaging and will make meaningful impacts that strengthen the overall security of the organization.
ESSENTIAL FUNCTIONS:
Area #1 (100%)
- Continuously monitor security events across the enterprise and analyze them to detect malicious or anomalous patterns.
- Work closely with IS and IT teams to investigate, identify, and resolve security events.
- Continuously improve security monitoring and reporting processes to enhance the organization's ability to detect and respond to threats.
- Collaborate with IS team members on security events and vulnerability management to ensure continuous monitoring and response to emerging threats.
- Conduct regular user access reviews and assist in the user access lifecycle process to ensure appropriate access and controls are in place.
- Work with application owners to review and update access controls for critical systems and applications.
- Perform risk assessments of third-party vendors and partners to evaluate their security posture.
- Monitor and report on compliance with security policies and regulations.
- Support the development and maintenance of security documentation and procedures.
- Perform related duties, as required, for the training and development purposes.
- Assist the information security team with ad-hoc tasks such as incident response and log analysis
OTHER RESPONSIBILITIES:
- Successfully complete all mandatory training on related Bank and BSA compliance as well as other laws and regulations as assigned in a timely manner.
- Perform all assigned duties under Bank’s compliance programs and related laws & regulations.
- Perform other duties as assigned.
Education, Experience and Skills Required:
- Hold at least one of the following certifications : CISSP, CEH, CCSK, CCSP, CISA, CIS
- Have a Bachelor’s degree of science in computer science/engineering/mathematic
- Have at least 3 years of technical experience in information security or information technology
- Have at least 5+ years of experience working with security technology including Vulnerability scanner, DLP, SSO, SIEM, Web gateway, PKI, etc.
- Solid understanding of security principles such least privileged access, 3-tier architecture, network security, etc.
- Excellent written skills to be able to document technical specs and system design
COMMUNICATION DEMANDS:
- Attention to detail, strong organizational, communication, interpersonal, self-motivated, and analytical skills, ability to interact with all levels of management and staff.
WORK ENVIRONMENT:
- Standard office environment. Noise level in work environment is usually average. Hear in the normal audio range with or without correction. Specific vision abilities required by this job include close vision and the ability to adjust focus
Compensation
The base pay range for this position is USD $85,000.00/Yr. - USD $115,000.00/Yr plus full benefits. Exact offer will be determined based on job-related knowledge, skills, experience, and location.