GENERAL DESCRIPTION OF POSITION
The Information Security Analyst I, as part of the Cyber Defense Operations Team, helps defend Centennial Bank against cyber threats by responding to information security alerts, investigating malicious activity, and aiding in incident handling, along with helping in maintaining overall information security across the organization through vulnerability management, phishing email analysis, and providing general information security expertise.
ESSENTIAL DUTIES AND RESPONSIBILITIES
1. Investigates security alerts and events to identify relevancy and urgency, triaging and responding based on set security operation processes. This duty is performed daily, about 20% of the time.
2. Facilitates network and endpoint security monitoring using a wide variety of tools, including Endpoint Detection and Response (EDR), Network Monitoring, Security Information and Event Management (SIEM), Data Loss Prevention (DLP), Identity Management, etc. This duty is performed daily, about 15% of the time.
3. Monitors the health of security tools and agents, including facilitating the discovery of potential gaps in coverage. This duty is performed weekly, about 10% of the time.
4. Administers endpoint protection software and other security tools as necessary. This duty is performed monthly about 10% of the time.
5. Analyzes phishing emails to create and follow through with an appropriate response plan. This duty is performed daily, about 15% of the time.
6. Participates in the vulnerability management lifecycle by helping identify, report, and suggest remediation steps for vulnerabilities discovered in the network. This duty is performed weekly, about 5% of the time.
7. Participates in cyber incident response activities or projects. This duty is performed as needed about 5% of the time.
8. Using approved tools, assists in conducting Red Team tests to determine potential security flaws and provides recommendations for remediation. This duty is performed monthly, about 5% of the time.
9. Evaluates complex security events using critical thinking and problem solving. This duty is performed daily about 10% of the time.
10. Collaborates with multiple diverse teams both locally and remotely regarding IT security concerns. This duty is performed daily about 10% of the time.
11. Completes required BSA/AML training and all other required training sessions as assigned. This duty is performed quarterly.
12. The ability to work in a constant state of alertness and in a safe manner. This duty is performed daily.
13. Perform any other related duties as required or assigned.
QUALIFICATIONS
To perform this job successfully, an individual must be able to perform each essential duty mentioned satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required.
EDUCATION AND EXPERIENCE
Knowledge of a specialized field (however acquired), such as basic accounting, computer, etc. Equivalent of four years in high school, plus night, trade extension, or correspondence school specialized training equal to two years of college, plus 4 years related experience and/or training, or equivalent combination of education and experience.
COMMUNICATION SKILLS
Ability to effectively communicate information and respond to questions in person-to-person and small group situations with customers, clients, general public, and other employees of the organization. Ability to read, analyze, and understand general business/company related articles and professional journals; ability to speak effectively before groups of customers or employees. Ability to write reports, business correspondence, and policy/procedure manuals; ability to effectively present information and respond to questions from groups of managers, clients, customers, and the general public. Ability to read, analyze, and understand common scientific and technical journals, financial reports, and legal documents; ability to respond to complex or difficult inquiries or complaints from customers, regulatory agencies, or members of the business community.
MATHEMATICAL SKILLS
Ability to calculate figures and amounts such as discounts, interest, commissions, proportions, percentages, area, circumference, and volume. Ability to apply concepts such as fractions, ratios, and proportions to practical situations.
CRITICAL THINKING SKILLS
Ability to define problems, collect data, establish facts, and draw valid conclusions. Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and concrete variables.
REQUIRED CERTIFICATES, LICENSES, REGISTRATIONS
Not indicated.
PREFERRED CERTIFICATES, LICENSES, REGISTRATIONS
Security (CCNA) Certification, Security Certification, Security Operations Analyst Associate, Offsec Defense Analyst, or another related certification is preferred.
SOFTWARE SKILLS REQUIRED
Intermediate: 10-Key, Alphanumeric Data Entry, Contact Management, Presentation/PowerPoint, Spreadsheet, Word Processing/Typing
Basic: Accounting, Database
WORKING CONDITIONS
Periodically exposed to such elements as noise, intermittent standing, walking, pushing, carrying, or lifting; but none are present to the extent of being disagreeable.
ENVIRONMENTAL CONDITIONS
The following work environment characteristics described here are representative of those an employee encounters while performing essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
The noise level in the work environment is usually moderate.
PHYSICAL ACTIVITIES
The following physical activities described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions and expectations.
Moderate diversity, low physical. Work activities which allow for a moderate amount of diversity in the performance of tasks which are not as varied as those positions with high-level diversity and decision-making.
While performing the functions of this job, the employee is regularly required to sit, use hands to finger, handle, or feel, and talk or hear; frequently required to reach with hands and arms; and occasionally required to stand, walk, climb or balance, stoop, kneel, crouch, or crawl. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision.
ADDITIONAL INFORMATION
-A high school degree plus four (4) years of related experience and/or training in IT, or a two (2) year college degree plus two (2) years of related experience and/or training in IT, or a four (4) year college degree related to or with an emphasis in Information Security.
Preferred Knowledge of cyber security concepts such as:
-Endpoint detection and response
-Log analysis
-Incident response
-Vulnerability scanning
-Phishing email analysis
-Investigating information security tool alerts and executing triage processes
-Knowledge in networking and endpoint administration
Required Experience:
IC