Information Security Analyst//W2 C2H

Posted 1 week ago by 1752652828

Negotiable
Outside
Remote
USA

Summary: The Information Security Analyst will work closely with the Information Security Officer and various departments within the bank to uphold the information security program and ensure compliance. This role involves technical and administrative responsibilities, including managing user access, performing vulnerability scans, and responding to security events. The position requires collaboration with auditors and regulators, as well as participation in risk management and incident response activities. Candidates should have relevant experience in information security and a strong understanding of compliance regulations in the banking sector.

Key Responsibilities:

  • Respond to and collaborate with internal and external auditors and regulators to maintain the information security program.
  • Perform assigned technical and administrative information security activities, including managing user access reviews and conducting vulnerability scans.
  • Monitor, analyze, and respond to suspicious information security events.
  • Assist with tracking remediation of testing and assessment findings.
  • Perform information security application administration functions for assigned technologies.
  • Support the ISO in maintaining and implementing information security documentation.
  • Participate in information security and third-party risk management activities.
  • Engage in information security program assessments and audits.
  • Participate in business continuity, disaster recovery, and incident response exercises.
  • Analyze and prepare response plans for internal and external assessments and audits.
  • Provide recommendations for information security improvements to the ISO.
  • Stay current with information security trends and industry research.
  • Other duties as assigned.

Key Skills:

  • Vulnerability management experience.
  • Understanding of user access review processes.
  • Experience in banking and knowledge of GLB/FFIEC regulations.
  • Active certifications in information security.
  • 3-7 years of hands-on experience in information security governance, risk management, or operations.
  • Knowledge of industry-recognized information security standards (e.g., NIST CSF, ISO 27001).
  • Strong interpersonal and customer service skills.
  • Ability to assess technical system controls and security vulnerabilities.
  • Expertise in Microsoft Office.
  • Ability to work with managed security service providers and vendors.
  • Organized and detail-oriented professional.

Salary (Rate): undetermined

City: undetermined

Country: USA

Working Arrangements: remote

IR35 Status: outside IR35

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

Position Title: Information Security Analyst

Location: Maitland, FL (preferred) or remote

Contract to hire on W2

Must have to be considered -

  • Vulnerability management experience
  • User access review (UAR)
  • Past Banking Experience
  • GLB/FFIEC
  • Some active certifications

General Responsibilities

The Information Security Analyst works directly with the Information Security Officer (ISO) as a member of the Bank information security team. This position collaborates with Risk Management, Information Technology, Third-Party Risk Management, Enterprise Risk Management, Bank Compliance, Audit, HR, and Bank Operations personnel to maintain the Bank information security program and report on information security program compliance.

Key Responsibilities and Accountabilities

The Information Security Analyst's key responsibilities and accountabilities include, but are not limited to the following:

  • In support of ISO, respond to and work with internal and external auditors and regulators to maintain the information security program
  • Perform assigned technical and administrative information security activities, such as
      o Manage user access review process
      o Perform vulnerability scans and configuration reviews
      o Monitor, analyze, and respond to suspicious information security events
      o Assist with tracking remediation of testing and assessment findings
      o Perform information security application administration functions for assigned technologies
  • Support the ISO in the maintenance and implementation of information security documentation
  • Participate in information security and third-party risk management activities
  • Participate in information security program assessments and audits
  • Participate in business continuity, disaster recovery, and incident response exercises
  • Analyze and prepare response plans to internal and external assessments and audit tests conducted by internal teams and independent third parties
  • Provide recommendations for information security improvements to the ISO
  • Stay current with information security trends and industry research
  • Other duties as assigned

Working Conditions

The responsibilities of this position are typically performed in a regular office work environment. Activities will require bending, reaching, analyzing information, spending considerable time in front of a computer screen, and may require lifting up to 50 lbs. The incumbent will be expected to be able to work Monday through Friday and work will mainly be performed at the Maitland location; occasional evening and weekend work will be required. Flexibility with work location and hours may be granted if circumstances permit.

Qualifications Summary

Education

Bachelor's degree in information systems, cybersecurity, or similar preferred

Certified Information System Security Professional (CISSP) or significant progress towards this or a similar recognized professional certification (e.g., GIAC Security Essentials, CompTIA Security+, CISA)

Experience

3-7 years' hands-on experience with information security governance, risk management or operations

Deep knowledge of industry-recognized information security standards (e.g., NIST CSF, ISO 27001, NIST 800-53, FFIEC, PCI)

Experience working with external regulators and auditors in a heavily regulated industry preferred

Experience working with one or more automated GRC platforms a plus.

Knowledge & Skills:

Knowledge of applicable banking compliance regulations (e.g., FFIEC, OCC, GLBA)

Strong interpersonal skills and customer service are crucial

Skilled in assessing technical system controls including access rules, authentication, encryption, data protection, configurations, and similar

Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits

Knowledge of operating systems (Microsoft Windows) and networking (TCP) security

Expert in the use of Microsoft Office

Ability to work with managed security service providers, vendors, and partners in the delivery of information security services

Ability to gather, review, and analyze forensic evidence during investigations preferred

Able to meet deadlines and resolve problems in a timely manner

Must remain well versed in security trends and threats in the banking industry

Organized, detail-oriented professional committed to accuracy and quality

Ayush Sharma, Sr. US Technical Recruiter | Ext: 149