SENIOR IT SECURITY ANALYST

PERMANENT FULL TIME JOB

LOCATION: ON SITE NYC

LOCAL CANDIDATES TO NY

MUST HAVE 7+ IT CYBER SECURITY ANALYST EXPERIENCE

FINANCIAL EXPERIENCE A MUST

NESSUS, TRIPWIRE, QRADAR AND SOME WINDOWS EXPERIENCE

• The Information Security Officer will work closely with the CISO and senior management to ensure the operations remain secure and resilient against evolving information security threats.

Qualifications:

• Bachelor s degree in Computer Science, Cybersecurity, Information Security, Information Technology, or a related field is required. Advanced degree (MBA, MS in Cybersecurity) is a plus.
• Professional certifications such as CISSP, CISM, CRISC, CEH, or equivalent are preferred.
• 7+ years of experience in a combined IT and information/cyber-security specialty/field, preferably within the financial industry.
• Strong knowledge of, and hands-on experience with network security tools, firewalls, intrusion detection systems, antivirus software, and endpoint protection software (Nessus, Tripwire, QRadar, etc.).
• Proficient with operating systems (Windows, Linux) and basic scripting is a plus.
• Understanding of domestic and international regulations (NYDFS Part 500, DORA).
• Strong analytical and problem-solving skills, with attention to detail, ability to work under pressure, and in a team environment.
• Excellent verbal and written communication skills, with the ability to explain technical concepts to non-technical stakeholders.
• Experience with a foreign bank operating in the US is a plus.

Essential Duties:

• Facilitate developing and deploying security measures to protect company networks, systems, and data from unauthorized access, viruses, and other security threats.
• Regularly monitor computer networks for security breaches and potential vulnerabilities. Recommend and implement necessary updates or upgrades to enhance system security.
• Support investigating and responding to security incidents, breaches, and viruses, ensuring timely resolution and mitigation of risks.
• Ensure appropriate security controls are in place and align with organizational policies, industry standards, and local and international regulatory requirements.
• Participate in security audits and assessments to identify areas for improvement and ensure compliance with best practices.
• Work closely with IT and other departments on information/cyber-security protocols and to implement security measures.
• Maintain detailed records of security incidents, vulnerabilities, and solutions to support continuous improvement and reporting.
• Coordinate with global information security teams to align the branch s operations with the group s international security standards.
• Conduct risk assessments - executing and documenting the risk assessment with supporting documentation and reporting the results to senior management.
• Develop training materials and initiatives to educate staff on phishing, social engineering, and other cyber risks.
• Participate in developing and updating security policies, procedures, and controls to address emerging risks.
• Engage with regulators, auditors, and external partners to demonstrate compliance. Participate in response activities to ensure responses are properly implemented.