Information Security Analyst//W2 C2H

Overview

Remote
Contract - W2
Contract - 6+ Month(s)

Skills

Information Technology
Reporting
Management
Testing
Software Administration
Documentation
Business Continuity Planning
Disaster Recovery
Incident Management
Auditing
ISO 9000
Research
Information Systems
Cyber Security
Information System Security
CISSP
Security+
CISA
Information Security Governance
Risk Management
ISO/IEC 27001:2005
NIST 800-53
Payment Card Industry
SAP GRC
Regulatory Compliance
FFIEC
Gramm-Leach-Bliley Act
Customer Service
Authentication
Encryption
Data Security
System Security
Penetration Testing
Operating Systems
Microsoft Windows
Computer Networking
TCP
Microsoft Office
Information Security
Banking
Organized
EXT
IMG

Job Details

Position Title: Information Security Analyst

Location: Maitland, FL (preferred) or remote

Contract to hire on W2

Must have to be considered -

  • VUL MGMT EXP
  • UAR
  • Past Banking Experience
  • GLB/FFIEC
  • Some active certifications

General Responsibilities

The Information Security Analyst works directly with the Information Security Officer (ISO) as a member of the Bank information security team. This position collaborates with Risk Management, Information Technology, Third-Party Risk Management, Enterprise Risk Management, Bank Compliance, Audit, HR, and Bank Operations personnel to maintain the Bank information security program and report on information security program compliance.

Key Responsibilities and Accountabilities

The Information Security Analyst's key responsibilities and accountabilities include, but are not limited to the following:

In support of ISO, respond to and work with internal and external auditors and regulators to maintain the information security program

Perform assigned technical and administrative information security activities, such as

o Manage user access review process

o Perform vulnerability scans and configuration reviews

o Monitor, analyze, and respond to suspicious information security events

o Assist with tracking remediation of testing and assessment findings

o Perform information security application administration functions for assigned technologies

Support the ISO in the maintenance and implementation of information security documentation

Participate in information security and third-party risk management activities

Participate in information security program assessments and audits

Participate in business continuity, disaster recovery, and incident response exercises

Analyze and prepare response plans to internal and external assessments and audit tests conducted by internal teams and independent third parties

Provide recommendations for information security improvements to the ISO

Stay current with information security trends and industry research

Other duties as assigned

Working Conditions

The responsibilities of this position are typically performed in a regular office work environment. Activities will require bending, reaching, analyzing information, spending considerable time in front of a computer screen, and may require lifting up to 50 lbs. The incumbent will be expected to be able to work Monday through Friday and work will mainly be performed at the Maitland location; occasional evening and weekend work will be required. Flexibility with work location and hours may be granted if circumstances permit.

Qualifications Summary

Education

Bachelor's degree in information systems, cybersecurity, or similar preferred

Certified Information System Security Professional (CISSP) or significant progress towards this or a similar recognized professional certification (e.g., GIAC Security Essentials, CompTIA Security+, CISA)

Experience

3-7 years' hands-on experience with information security governance, risk management or operations

Deep knowledge of industry recognized information security standards (e.g., NIST CSF, ISO 27001, NIST 800-53, FFIEC, PCI)

Experience working with external regulators and auditors in a heavily regulated industry preferred

Experience working with one or more automated GRC platforms a plus.

Knowledge & Skills:

Knowledge of applicable banking compliance regulations (e.g., FFIEC, OCC, GLBA)

Strong Interpersonal skills and customer service are crucial

Skilled in assessing technical system controls including access rules, authentication, encryption, data protection, configurations, and similar

Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits

Knowledge of operating systems (Microsoft Windows) and networking (TCP) security

Expert in the use of Microsoft Office

Ability to work with managed security service providers, vendors, and partners in the delivery of information security services

Ability to gather, review, and analyze forensic evidence during investigations preferred

Able to meet deadlines and resolve problems in a timely manner

Must remain well versed in security trends and threats in the banking industry

Organized, detailed oriented professional committed to accuracy and quality

Ayush Sharma Sr. US Technical Recruiter

| Ext:149

| G-talk:

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.