Job DescriptionThe Information Security Analyst II is responsible for safeguarding the bank's sensitive data, systems, and customer information from cyber threats. The Information Security Analyst II will monitor and respond to security incidents, perform risk assessments, support audits and the implementation and management of security policies and controls to ensure compliance with industry regulations. This position requires a proactive problem-solver with solid technical skills and an understanding of cybersecurity best practices in a banking environment.
Word
Duties and Responsibilities include the following.
- Security Monitoring & Incident Response: Investigate security incidents, document findings, and assist in developing incident response plans to minimize impact and prevent recurrence.
- Risk Assessments: Conduct periodic risk assessments and recommend mitigation strategies to ensure that the bank's information systems are protected against evolving cyber threats.
- Policy & Compliance: Assist in the development and enforcement of security policies, procedures, and controls to meet industry best practices and regulatory requirements (e.g., PCI DSS, GLBA, SOX, FFIEC).
- Threat Intelligence: Stay updated on emerging threats, vulnerabilities, and security trends. Collaborate with other departments to proactively enhance the bank's security posture and strategies.
- Audits: Conduct periodic audits of security controls and assist with internal and external audit request as needed. Coordinate vulnerability remediation efforts and track progress.
- Reporting & Documentation: Document security incidents, assessments, and activities. Assist in the creation of regular reports for management on the status of the bank's security posture.
- Security Awareness & Training: Support and participate in security awareness training programs for bank employees to promote safe computing practices and a culture of security awareness.
- Collaboration: Work closely with IT, compliance, and other departments to resolve security issues, implement security controls, and ensure that security measures are embedded into all areas of the bank's operations.
Supervisory Responsibilities This job has no supervisory responsibilities.
Qualifications To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Preferred Qualifications - Technical proficiency in security-related hardware and software; ability to function as a consultant to other IT groups on security matters.
- Knowledge of security controls for servers, workstations, network routers, and firewalls.
- Knowledge of security and internal control frameworks such as: ISO 27001, NIST 800-53, COBIT and COSO.
- Experience with implementation and management of compliance requirements such as PCI and SOX.
- Understanding and familiarity with audit requirements and process.
Education and/or Experience Bachelor's degree (B. A.) from four-year college or university, preferably in Cybersecurity, Information Technology, Computer Science, or a related field.
- Experience: 3-5 years of experience in information security or related IT role, preferably in a financial services or banking environment
- Certifications (Preferred): CISSP, CISM, CISA, CEH, CompTIA Security+, GSEC, or similar certifications.
Physical Demands While performing the duties of this job, the employee is frequently required to stand; walk; sit; use hands to finger, handle, or feel and talk or hear. The employee is occasionally required to reach with hands and arms; climb or balance and stoop, kneel, crouch, or crawl. The employee must regularly lift and /or move up to 10 pounds, frequently lift and/or move up to 25 pounds and occasionally lift and/or move up to 50 pounds. Specific vision abilities required by this job include close vision and ability to adjust focus.
Work Environment The noise level in the work environment is usually moderate.
This job description reflects management's assignment of essential functions. It does not prescribe or restrict the tasks that may be assigned. Origin Bank shall, in its discretion, modify or adjust the position to meet the Bank's changing needs. This job description is not a contract and may be adjusted as deemed appropriate in the Bank's sole discretion.
Word
