Cybersecurity Analyst

HERITAGE BANK

$80K — $110K *
US-AnywhereRemote in South Dakota, US
Finance & Insurance
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in IT, Computer Science, Cybersecurity, or equivalent experience
  • 5+ years in network engineering, IT infrastructure, or cybersecurity operations, ideally in financial services
  • Strong knowledge of routing and switching technologies
  • Experience with enterprise firewalls and security solutions
  • Familiarity with cloud networking concepts (Azure/AWS)

Responsibilities

  • Monitor SIEM systems for anomalies and policy violations
  • Define detection rules and manage security controls for EDR and email
  • Lead the vulnerability management program and track remediation
  • Perform threat intelligence analysis to inform defense actions
  • Develop the bank's AI security framework and assess AI-related risks
  • Conduct cybersecurity due diligence on third-party vendors
  • Maintain accurate security documentation and produce metrics for leadership

Benefits

  • Comprehensive benefits package including paid time off and holidays
  • Medical, dental, and vision insurance coverage
  • 401(k) and ESOP retirement plans
  • Paid time off for volunteering and community service
  • Opportunities for career development and growth at the organization
Full Job Description
Job Type

Full-time

Description

Position Summary

The Cybersecurity Analyst is responsible for protecting the bank's information assets, systems, and data through proactive threat analysis, security operations, and compliance with applicable regulatory and industry frameworks. This role serves as a key contributor to Heritage Bank's information security program, with ownership of information security management alignment, AI security governance, and continuous monitoring. Working closely with the VP of Information Technology and in close partnership with the Network Security Engineer, this position ensures the confidentiality, integrity, and availability of bank systems while fostering a culture of security awareness across the organization.

Core Responsibilities

Security Operations & Threat Management
  • Monitor SIEM systems and alert on anomalies, threats, and policy violations
  • Define detection rules and policies for IDS/IPS; own EDR and email security controls
  • Own the vulnerability management program: coordinate assessments, assign risk ratings, and track remediation with the Network Security Engineer
  • Perform threat intelligence analysis and translate findings into defensive action
  • Lead security analysis and forensic response during incidents; coordinate network-level containment with the Network Security Engineer
  • Define patching strategy and standards; partner with the Network Security Engineer on execution


Information Security Management & Regulatory Compliance
  • Own alignment to information security management standards and best practices
  • Maintain the ISMS including risk register, statement of applicability, and control documentation
  • Coordinate internal audits and gap analyses against applicable cybersecurity frameworks and FFIEC guidance
  • Support regulatory examinations; prepare and present security posture documentation
  • Develop and maintain security policies, standards, and procedures
  • Govern access control policies and conduct privilege access reviews with the Network Security Engineer


AI Security & Emerging Technology Risk
  • Develop and maintain the bank's AI security framework, governing the secure adoption and use of AI/ML tools and platforms
  • Assess risks associated with generative AI, third-party AI integrations, and internal AI-assisted workflows
  • Define controls for AI model governance including data privacy, bias risk, adversarial inputs, and output integrity
  • Evaluate AI vendor security practices and ensure appropriate contractual and technical safeguards are in place
  • Monitor the evolving AI threat landscape and provide guidance on emerging risks to leadership
  • Partner with business units to establish acceptable use policies for AI tools in alignment with bank risk appetite


Security Awareness & Training
  • Design and deliver ongoing security awareness training for all bank staff, including phishing simulations
  • Serve as a subject matter expert for staff on cybersecurity best practices and emerging threats
  • Promote a security-first culture in alignment with Heritage Bank's values


Third-Party & Vendor Risk
  • Conduct cybersecurity due diligence on third-party vendors and technology providers
  • Review vendor security assessments (SOC 2, penetration tests, questionnaires) and escalate gaps
  • Provide cybersecurity risk assessments to inform vendor onboarding decisions; collaborate with procurement and the Network Security Engineer on ongoing third-party risk monitoring


Documentation & Reporting
  • Maintain accurate security documentation including risk registers, incident logs, and audit evidence
  • Produce regular cybersecurity metrics and reporting for IT leadership and senior management
  • Define security requirements for disaster recovery and business continuity plans; support testing and validation in partnership with the Network Security Engineer


Compensation & Benefits

Get ready to be rewarded! Full-time team members enjoy a comprehensive benefits package including paid time off, paid holidays, and even paid volunteer days. Your health is covered with medical, dental, and vision insurance, plus plan for your future with our 401(k) and ESOP retirement plans. Enjoy additional benefits and incentives consistent with our company policy. Join us and discover how rewarding your career can be!

Disclaimer

This job description outlines the general nature of the role and is not intended to be all-inclusive. Duties, responsibilities, and benefits may change as business needs evolve. Employment is at will, meaning either the employee or the Company may end the employment relationship at any time, consistent with applicable law.

Requirements

Education & Experience
  • Bachelor's degree in Information Technology, Computer Science, Cybersecurity or related field (or equivalent experience)
  • 5+ years of experience in: network engineering, IT infrastructure or cybersecurity operations. Preferably in financial services or a regulated industry.

Technical Skills
  • Strong knowledge of routing and switching (Cisco, Aruba, or similar)
  • Experience with firewalls (e.g., Fortinet, Palo Alto, Cisco ASA)
  • Familiarity with VPNs, VLANs, QoS, and network segmentation
  • Understanding of cloud networking (Azure/AWS)
  • Knowledge of cybersecurity principles and frameworks

Key Competencies
  • Strong problem-solving and analytical skills
  • Ability to work independently and manage multiple priorities
  • Excellent communication skills for both technical and non-technical stakeholders
  • High attention to detail and commitment to security and compliance
  • Proactive mindset with a focus on continuous improvement

Work Environment & Expectations
  • On-call availability for critical incidents and maintenance windows
  • Occasional travel to branch locations
  • Ability to work in a fast-paced, highly regulated environment

Similar Jobs

More Jobs at HERITAGE BANK

More Finance & Insurance Jobs

Find similar Cybersecurity Analyst jobs: