Information Security Analyst
General IT experience.
• Adaptability and flexibility to work on a variety of assignments as defined by current priorities.
• Entry level knowledge of security/network/infrastructure fundamentals.
• Strong written and oral communication skills, including the ability to interact directly with employees that do not have an IT background.
• Strong presentation skills involving audiences of varying IT backgrounds.
The Information Security Analyst position leverages prior technical work experiences, such as workstation, server, network engineer, or software operations management, to help the IS Operations team in addressing security control gaps for the bank’s technology infrastructures, both traditional and cloud-based. The primary focus is applying technology know-how to survey, quantify, report, and track security control issues, and to assist the team's senior analysts with issue investigations, solution implementation, functional evaluations, etc. The Analyst I role works closely with and learns from the senior analysts in responding to cybersecurity events and incidents.
Job Function 1:
Monitors defense-in-depth security controls deployed throughout the Bank, including CASB, IDS, HIPS, Network Access Controls, email, web, and DLP controls, and more.
• Assists in provisioning and de-provisioning access exceptions.
• Monitors IT and IS open tickets and generates periodic reports for management review.
• Conducts light security event investigations and performs basic forensic research and reporting.
Job Function 2:
Maintains the bank’s internally operated security software and hardware assets, and subscribes to all relevant patch/update notification channels to ensure that the bank’s security tool catalog is kept up to date.
• Tracks all EOS and EOL announcements, security vulnerability announcements, and patch/upgrade announcements.
• Monitors and reports on the progress and status of subsequent remediation/upgrade activities.
Job Function 3:
Responsible for tracking and reporting alerts generated by Information Security solutions’ management consoles or dashboards.
• Review, correlate, summarize, and report KPIs and KRIs from cloud and on-prem security controls to the information security team based on criteria supplied by the security team.
• Maintain a security project dashboard based on inputs provided by the security team.
• Works closely with the other IS and IT teams to assist whenever possible.
• Assists the analyst team in documenting activities related to new procedures that have been developed to close audit and regulatory findings, for both IS gaps and IS’s oversight of IT gaps.
Job Function 4:
Collaborates with Information Security analysts and engineers on all level 1 event and incident investigations.
• Assist Information Security in testing and validation of security controls related to ad-hoc security projects.
• Ongoing analysis of various security events, incident alerts, event notifications, health status from security tools, and additional detection and response activities.
• Investigate security incidents and collaborate with technology and business organizations in response to detected threats. Coordinate with internal and external resources for risk mitigation and service outage resolution.
• Follows up on open IT Helpdesk Tickets for updates and escalates to senior team members if necessary.