Nationally ranked bank is seeking a Security Program Analyst is to ensure the secure operation of the company network and systems through analysis, monitoring, risk assessments, and testing. The Security Program Analyst will analyze and resolve security issues in a timely and accurate manner to reduce company risk while maintaining a strong understanding of current security threats, vulnerabilities and industry best practices; and, will also recommend improvements to infrastructure as needed to better protect the bank.
- Analyze threats and vulnerabilities and perform risk assessments of technologies and processes.
- Assist with the evaluation of technology improvements and/or enhancements that would provide greater security protections for the Bank’s systems and networks.
- Design and conduct compliance assessments of Bank technologies against industry best practices and provide recommendations.
- Design, plan and perform regular vulnerability assessments & penetration the Collaborate with infrastructure custodians to remediate vulnerability findings.
- Represent the Information Security group as a subject matter expert for implementation of new and upgraded technologies.
- Analyze and report on the effectiveness of internal security systems including patch management, anti-virus, SIEM, network access control, web and email filtering systems, IDS\IPS, and DLP components.
- Analyze, review and make recommendations on firewall and perimeter IDS\IPS rules and configuration. Respond to security breaches and infrastructure emergencies as necessary.
- Design and develop tests to evaluate compliance with department policies and procedure
- Take steps necessary to maintain and grow technical expertise with software and systems designed to evaluate and exploit vulnerabilities.
- Take steps necessary to maintain and build upon technical understanding of hacking tools and techniques.
- Oversee server, workstation and router build standards to ensure secure configuration of new dev
- Pro-actively collaborate with vendors and suppliers as necessary to ensure department and company objective are me
- Evaluate and revise as necessary disaster recovery plans and executables.
- Document all support and maintenance activities as required.
- Diligently and consistently follow department & organization policies and procedures
Please send resumes directly to firstname.lastname@example.org for immediate consideration
- BA or BS degree required.
- Minimum 5 years of Information Security / Cybersecurity experience in a corporate network environment.
- Substantial experience with Data Loss Prevention (DLP) in the areas of administering, refining policies and rules, or working directly with business leaders on outcomes preferred.
- Substantial SIEM or log management experience to include defining log placement, event alerting, configuration management, or monitoring preferred.
- Security architecture a plus.
- Required certifications: CISSP, or GSEC or GSED .
- Demonstrable expertise in the field of information security.
- Strong, hands-on technical knowledge of up-to-date network, PC and server operating systems, including Cisco, Windows, and Linux.
- Strong, hands-on technical knowledge of anti-virus and patch management systems, solutions and best practices.
- Strong hands-on technical knowledge of routers, switches, firewalls & intrusion detection\prevention systems.
- Strong understanding of data encryption standards, solutions and best practices.
- Strong understanding and experience with LAN & WAN technologies including design and implementation.
- Strong understanding of Internet standards and protocols including TCP\IP.
- Strong understanding of data privacy practices and laws.
- Demonstrable experience conducting in depth research into security issues and products as required.
- Proven hardware troubleshooting skills.
- Strong interpersonal, written, and oral communication skills. Highly self-motivated and directed with attention to detail.
- Advanced analytical and problem-solving abilities.
- Able to effectively prioritize tasks in a high-pressure environment. Experience working in a team-oriented, collaborative environment. Ability to work after hours and weekends as necessary.
- Provide pro-active, effective technical mentoring to Security Administrators.
- Ability to lift and transport moderately heavy objects, such as computers and peripherals.