Cybersecurity Analyst

About the position

This position is responsible for assisting in the development, and dissemination of Information Security policies, monitoring compliance with and reviewing the effectiveness of Information Security policies and procedures, evaluating and assisting with changes in Bank-wide Information Security practices, providing training pertaining to Information Security.

Responsibilities

• Run scheduled vulnerability assessment against the network.
• Run scheduled vulnerability assessment against the first-online.bank website.
• Run monthly social engineering tests on employee subgroups.
• Perform monthly review of user access privileges and compliance with security policies and procedures.
• Manage cyber threat intelligence consolidation. Create weekly threat report.
• Assist with applying cyber threat intelligence to relevant local systems.
• Daily review of network systems logs files. Create weekly report of alerts.
• Manage and coordinate third-party provider patch/update/upgrade schedule and compliance.
• Review encryption reports and assist users with file transfer options.
• Assist with employee and customer Cybersecurity information sharing and training.
• Assist with analyzing and reporting Incident Response Team activations.
• Assist with Security Incident and Event Monitoring (SIEM) monitoring.
• Assist with vulnerability detection monitoring.
• Assist with completing the NIST-CSF Framework certification.
• Create additional customer training materials for the First-Online website. Including an online self-assessment tool for customers to use for Cybersecurity compliance.
• Assist with tactical implementation of Information Security strategic plan initiatives.
• Manage and coordinate handling and reporting of suspicious inbound email messages.
• Configure and manage log and event management dashboards, activity, alerting, and general reporting.

Requirements

• Bachelor's Degree preferred in Information Security, Information Technology, Computer Science, Information Management Systems, or related field required. Associate degree at a minimum.
• 1 years' experience in combination or risk management, information security, or IT. Must possess some computer networking experience.
• Appropriate cybersecurity certifications are preferred. May substitute an equivalent combination of education, and experience.
• Working level knowledge of Internet Protocols, communication protocols, data, and network security.
• Knowledge of compliance and regulatory frameworks such as NIST-CSF, PCI-DSS, and SOC.
• Risk management knowledge with proven ability to effectively apply risk principles to challenging business situations.
• Excellent presentation and communication skills.
• Excellent influencing and problem resolution skills.

Benefits

• A good working environment with little exposure to noise, extreme temperatures, or other adverse factors.
• Limited physical effort required.
• Regular talking and hearing, frequent sitting.
• Reading and analyzing large volumes of reports, log data and other literature.
• Responding to emergencies and incidents at all hours.
• Above average amount of pressure to work efficiently and accurately.
• Considerable effort and eye strain from continued checking on the accuracy of all work.
• Average amount of pressure to work efficiently and accurately. Average mental effort consists of beyond normal levels of concentration, memory, complexity of decision making, time pressure, analytical thinking.
• Ability to travel for required meetings.