Jr. Cyber Security/Info Security Analyst(On-site) (Banking)

Reporting to the Bank Information Security Officer, the Information Security Analyst is responsible for information security policy development and maintenance; design of security policy education, training, and awareness activities; monitoring compliance with bank IT security policy and applicable law; and coordinating investigation and reporting of security incidents. Working with the Information Technology department, the incumbent will monitor, assess, and fine-tune the continuity and disaster recovery program, perform network penetration tests, application vulnerability assessment scans and risk assessment reviews.

Responsibilities:

• Assists in the implementation of data access security measures by identifying, analyzing and resolving security and system problems relating to data access security, applications, programs and functions
• Monitors computer data network system, including LAN and WAN, firewall and anti-spam data security infrastructure.
• Investigates incidences of data access violations and data corruption or loss and reports findings to supervisor for direction or resolution.
• Maintains the information systems security database by joining or separating users to various system applications; coordinates the registration of users to the system and respective access levels with departmental coordinators.
• Monitors and audits the information system security database to isolate and identify occurrences of illegal or unauthorized access; prepares reports and/or memoranda recommending corrective action.
• Investigates and corrects security related problems to ensure data information system integrity.
• Performs analyses of data security systems to keep management informed of system utilization patterns; prepares reports on same.
• Coordinate response to information security incidents.
• Create, manage and maintain user security awareness.
• Maintain the Cybersecurity Framework

• BA or BS in Computer Science, Management Information Systems, or related field, advance degree a plus.
• Minimum of 5years of progressive experience in computing and information security, including experience with Internet technology and security issues.
• Experience should include network security, application vulnerability assessments, risk analysis and compliance testing. CISSP, GIAC, or other security certifications desired.
• Knowledge of information security standards (e.g., ISO 17799/27002, etc.), rules and regulations related to information security and data confidentiality and desktop, server, application, database, network security principles for risk identification and analysis.