Cybersecurity Analyst

Description

  

Join the Bank that shares success with others! As a locally managed mutual bank, South Shore Bank is driven by the needs of communities rather than the demands of investors. You can help us serve as a trusted advisor to the people, businesses and organizations that make our communities stronger. We also provide a competitive benefit package with Medical, Dental, Vision, Flexible Spending, Dependent Care, Child Care Subsidy, Retirement, Life Insurance and many other benefits.

Reporting to the Cybersecurity Manager, the Cybersecurity Analyst executes the cybersecurity operational processes including the ongoing monitoring and tracking of the organization’s cybersecurity hygiene. They are responsible for the day-to-day monitoring of various alerts and system reports.  This role is critical in maintaining security of the organization’s control environment as it relates to confidentiality, integrity and availability of data and systems.

ESSENTIAL DUTIES AND RESPONSIBILITIES 

General

• Coordinating various security assessments, including but not limited to, the FedLine Solutions Security and Resiliency Assurance Program review and the Ransomware Self-Assessment Tool, recommending best practices, corrective actions for identified issues, and updating documentation.
• Assisting in the facilitation of the annual information technology risk assessment process, working with the Technology Owners and Business System Analysts, and reviewing results for consistency across the organization.
• Assisting in the maintenance of the governance, risk, and compliance (GRC) tool inventories (technologies, processes, people, third parties, etc.) to ensure completeness and accuracy.
• Assisting in the maintenance of the organization’s inventory of systems along with the users and administrators of those systems to support user access reviews and the termination process.
• Assisting in the facilitation of the user access review process providing a consistent mechanism for all user access reviews to be conducted at the organization. Tracking results to ensure timely submission.
• Reviewing the reasonableness and accuracy of user security authorization forms to ensure requests adhere to the least privileged principles and are filled out appropriately.
• Monitoring and analysis of event logging and SIEM alerting, in conjunction with other CyberOps team members. Escalating issues when warranted to pertinent parties for response.
• Gathering and reporting metrics for oversight and monitoring.
• Reviewing activity reports from the network, various CyberOps technologies, and business applications to identify unauthorized changes and anomalous behavior.
• Monitoring threat intelligence sources and informing the appropriate individuals that need to take action. Tracking and reporting these actions as a part of the vulnerability management process.
• Identifying areas of improvement in security technical controls, including those supported by and implemented with CyberOps technology platforms.
• Advocating for security best practices across the organization.
• Monitoring corrective action plans identified for remediation with the IT function and follow up on plans that are not performed in the timeframes specified.
• Adhere to the Bank’s privacy and data security policies including but not limited to safeguarding of sensitive information and complying with relevant regulations to protect non-public information.
• Exhibit the ability and desire to embrace and enhance the Bank culture.

SECONDARY/ RESPONSIBILITIES 

• Reviewing alerts from the secure email system and managing the admin quarantine, in conjunction with other CyberOps team members. Escalating issues when warranted to pertinent parties for response. Providing backup to the Cybersecurity Engineer for policy maintenance.
• Reviewing alerts from the cloud access security broker, in conjunction with other CyberOps team members. Escalating issues when warranted to pertinent parties for response. Providing backup to the Cybersecurity Engineer for policy maintenance.
• Reviewing alerts from the anti-virus system, in conjunction with other CyberOps team members. Escalating issues when warranted to pertinent parties for response. Providing backup to the Cybersecurity Engineer for policy maintenance.
• Providing backup to InfoSec in responding to user reported phishing submissions that come in by providing feedback to employees on if it was a true phish, spam, or other.
• Assisting with the investigation of cybersecurity security incidents and participating on the Incident Response Team.
• Participating in technology projects to provide insight on security best practices and hardening.
• Understanding the risk acceptance processes, including identifying risk, compensating controls, and developing transition plans.

SUPERVISORY RESPONSIBILITIES:

None

Consider this description to be the foundation of your job, not its boundaries.  Expect to participate in internal and external training sessions and activities not described here which enhance the quality of service to the client. 

Requirements

  

QUALIFICATIONS

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

EDUCATION and/or EXPERIENCE 

  

• Bachelor’s degree (B. A.) from four-year college or university; or a minimum of 2 years of related experience and/or training, specifically in cybersecurity or information security; or equivalent combination of education and experience.
• At least one relevant security certification (such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) and/or Certified Risk and Information Systems Controls (CRISC)) highly desirable or a desire to work towards a certification.
• Basic understanding of security best practice frameworks such as NIST Cybersecurity Framework and 800-53, PCI-DSS, SOC, or ISO 27001.

LANGUAGE SKILLS 

Ability to read, analyze, and interpret general business periodicals, professional journals, technical procedures, or governmental regulations. Ability to write reports, business correspondence, and procedure manuals. Ability to effectively present information and respond to questions from groups of managers, clients, customers, and the general public.

MATHEMATICAL SKILLS 

Ability to calculate figures and amounts such as discounts, interest, commissions, proportions, percentages.

REASONING ABILITY 

Ability to define problems, collect data, establish facts, and draw valid conclusions. Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and concrete variables. Must be able to analyze and convert raw data into cohesive, presentable data to be shared with multiple sources upon request.

PHYSICAL DEMANDS 

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this job, the employee is regularly required to sit; use hands to finger, handle or feel, reach with hands and arms; and talk or hear. The employee is occasionally required to stand and walk. The employee must regularly lift and/or move up to 10 pounds. Specific vision abilities required by this job include close vision, peripheral vision, and the ability to adjust focus.

WORK ENVIRONMENT 

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

The noise level in the work environment is usually moderate.

KEY POINTS 

It has been and will continue to be the policy of South Shore Bank to be an Equal Opportunity Employer. We provide equal opportunity to all qualified individuals regardless of race, sex, color, religious creed, religion, national origin, citizenship status, age, disability, pregnancy, ancestry, military service, or veteran status, genetic or carrier status, marital status, sexual orientation, or any classification protected by applicable federal, state, or local laws. 

At South Shore Bank, we believe that diversity and inclusion are critical to our future and our mission – creating a foundation for a creative workplace that leads to innovation, growth, and profitability. We believe in Shared success and We before Me. Through a variety of programs and initiatives, we invest in each employee, seeking to ensure that our people are not only respected as individuals, but also truly valued for their unique perspectives.

EOE/F/M/Vet/Disabled