The analyst plays a key role in supporting information security in assisting in providing security oversight which includes monitoring intrusion attempts, malware activity, and other abnormal behavior by correlating security logs thus validating critical systems are operational and secure. In addition, the analyst will analyze vulnerabilities for provisioning new equipment and systems as well as periodic assessments. Oversight activities will be categorized and mapped to FFIEC regulations; NIST standards and SANS critical security controls.
This role will assist in contributing to overall business aligned projects that deal with the integrity, confidentiality and availability of information. The analyst will work closely with information technology, and may interact with risk management, fraud, compliance, electronic banking and customer support services.
This role will be responsible for assisting in monitoring, evaluating, and recommending actions related to systems and procedures that reduce overall company risk, impact and exposure. The position also involves providing support to functional areas and information technology with project support related to information security initiatives.
Skills/Requirements
Assists in researching attempted efforts to compromise security protocols and mechanisms through proactive log or alert review and incident management.
Assists with vulnerability management efforts of the information security team.
Participates in the development, implementation, and monitoring of access control, data confidentiality, system integrity methods and procedures.
Participates in network security monitoring (daily), penetration testing (annually) and data classification (future, monthly).
Assists in incident response situations which may require after hour remediation efforts.
Participates in the review, revision, and mapping of security policies and procedures to NIST standards adhering to SANS best practices.
Provides audit, assessment and exam assistance.
Maintains broad knowledge of best practices and trends in the field of Information Security.
Prepares and maintains excellent documentation as needed.
Performs other duties as assigned.
Qualifications:
Strong written, verbal communication and interpersonal skills
Must be self-motivated and have effective project management and organizational skills
Sound business discretion, good judgement, and excellent analytical and problem solving skills.
Ability to think creatively and with innovation.
Ability to multi-task and adapt to shifting priorities, demands, and tight timelines
Ability to work in a team environment.
Education and/or Experience:
High School Diploma
1-3 years of related information security experience
Bachelor’s of Science strongly preferred
Computer and Software Skills:
Intermediate or advanced experience in Excel and Word
Working knowledge of SANS Critical Security Controls and NIST Standards
TCP/IP networking and OSI Model working knowledge a plus
Understanding and experience of prevalent security systems, e.g firewalls, intrusion prevention systems, endpoint security, vulnerability scanners, web application firewalls, malware protection systems
