Reporting to the FVP of IT Security and Compliance, supporting daily IT Security operations includes performing technical tasks on systems owned and managed by the team. The IT Security Analyst will support and maintain the Bank’s information technologysecurity environment as well as work with vendors and internal staff to identify and troubleshoot security issues. The analyst will provide first & second level security monitoring and analysis and address information security alerts and events.
Monitor server logs, firewall logs, intrusion detection logs, and network traffic for anomalous and suspicious activity.
Interpret activity and make recommendations for resolution and/or prevention.
Make recommendations to improve the security posture of the organization through the implementation of new technology or through modification of existing configurations.
Manage and maintain security systems and their corresponding or associated software, including intrusion detection systems, Network Access Control, Antivirus, Web Application Firewall, and SIEM.
Keep current with emerging security issues, trends, and tools.
Assist with Security Awareness activities including employee awareness training and internal phishing campaigns,
Assist with vulnerability management program including internal and external penetration tests, vulnerability scanning, and vulnerability remediation efforts.
Assist with gathering IT security metrics to measure the effectiveness of the security program.
May be required to perform additional duties as needed.
Supervisory Responsibilities: This position supervises a team of IT compliance analysts and is responsible for recommending hire/fire/salary actions; conducts performance reviews and performs training and coaching to employees.
Knowledge and Skills:
Strong troubleshooting and analytical skills.
Excellent written and verbal communication skills.
Knowledge of network protocols, traffic log analysis, and networksecurityarchitecture.
In depth knowledge and experience of managing next generation firewalls, IDS/IPS, content filtering solutions, and Network Access Control.
Checkpoint Next Generation Firewall (Gaia OS) experiencepreferred.
Ability to audit firewall rules and make recommendations in accordance with best practices.
Skilled in configuring, deploying, and monitoring corporate security tools.
Familiarity with Incident Response processes and procedures.
Knowledge of vulnerability management lifecycle.
Ability to efficiently prioritize and manage multiple duties, tasks, and projects with supervision.
Ability to use discretion when handling confidential information.
Good understanding of internal IT controls and work processes.
Knowledge of financial institution regulatory requirements, including FFIEC.
Good understanding of, and ability to adapt to the rapid pace of the financial services industry sector.
A broad understanding of information technologies processes and compliance requirements.
Working knowledge of project life cycle, risk assessments, and the development of policies and procedures.
Education and/or Experience: 4-6 Years of experience in the Information Technology field, with a strong focus in performing IT Security related activities. Bachelor’s degree in Computer Information Systems with an emphasis on security. Relevant and proven experience will be considered in place of a bachelor’s degree. CISSP and / or other IT Security certifications strongly preferred.