Synergent has a newly created position for a Security Analyst. This position is responsible for Information Technology security support and will assist the Information Security Officer with internal and external auditing tasks, security gap analysis, governance support, and daily IT security maintenance tasks. The Security Analyst plays a vital role in keeping Enterprise proprietary and sensitive information secure. The position works to identify and correct threats and flaws in the Information Security Program (ISP), product solutions, offerings, and programs while recommending specific measures to help improve the overall enterprise security posture and helping to reduce the overall security risks and threat landscape.
The successful candidate will be responsible for:
- Monitoring SIEM, Dell Secureworks ticketing, data loss prevention, Symantec AntiSpam, impersonation filtering, and Office 365 security and compliance.
- Participating in annual risk assessments. desktop/physical audits, Enterprise risk assessments, and IT security cybersecurity exercises.
- Providing remediation tracking for SOC/NCUA/state audits, external audits, and internal vulnerability scanning.
- Providing support on vendor management, incident management, governance enforcement, and IT security training and awareness. Verify the security of third-party vendors and collaborate with vendors and credit unions if needed to help meet security requirements.
- Maintaining and updating the Technology Policy Manual, ISP methodology and documentation, and Policy Exception Listings.
- Participating in IT security onboarding/offboarding and employee security awareness training.
- Providing Enterprise due diligence to credit unions and update diligence documentation as needed.
- Providing support and participate in penetration testing, risk assessments, and white-hat security gap analysis.
- Participating in ITCC Change Committee meetings and provide reports. Participate in Steering Committee meetings, patch management oversight, risk management, and IT Security steering committee meetings.
- Staying current on information technology trends and security best practices. Research new security products and enhancement tools to help keep the Enterprise safe and secure.
- Assisting colleagues with research and installation of security software and understanding information security management objectives.
- Generating meaningful IT Security metrics and analytics that show security trending and threat management.
- Analyzing security incidents and breaches to identify the root cause and how to prevent future occurrences.
- Continuously updating Enterprise incident response and disaster recovery plans with the AVP – Business Continuity as they pertain to cybersecurity.
- Working on audit finding remediation and develop Key Risk Indicators (KRIs) to serve as indicators of rising or falling Enterprise risks. Work with management to rate identified risks by priority in an Enterprise risk register or ERM application. Strive to achieve ongoing successful risk mitigation and favorable audit results.
Candidates should possess experience or academic background in any of the following: network support, programming, desktop support, telecommunications, auditing, IT security, risk management, or IS help desk support. Experience with penetration testing and ethical hacking knowledge, incident management, computer forensics, or risk management is a plus. Familiarity with credit union or financial background experience is helpful; as well as the ability to support multiple priorities and work with all levels of employees and management.
Certifications including SSCP, CISSP, CISA, GISF, GIAC, CISM, CompTIA Security + proficiency with standard PC programs and functions are a plus.
To apply, please submit a resume and cover letter including salary requirements to firstname.lastname@example.org. We look forward to hearing from you!