Senior Security Analyst (15868)

Company: Bishop & Company ( Learn More )

General Information
US-HI-Honolulu
N/A
4 Year Degree
Full-Time
At least 5 year(s)
Not Specified
False
False
Job Description

Position Summary:

Supports the company's information security continuous monitoring and incident response program to ensure that information security standards, practices, & controls are in place to adequately mitigate risk to the bank. Works with IT and internal operations to ensure the safeguarding of all confidential, proprietary, privileged, and protected information assets, including customer data. Monitors essential processes to ensure compliance with policies, standards, practices and guidelines. Must be willing to be on-call.


Job Accountabilities:

  • Develops and performs information security and vulnerability assessments, testing on applications, systems, and infrastructure to ensure appropriate protection of sensitive customer and company information; performs risk analysis and recommends remediation for deficiencies. Tracks and reassesses remediation(s) to ensure compliance with policies and operational standards.
  • Performs incident monitoring and reporting that includes analysis and correlation of information or data for the purpose of identifying intrusion attempts, vulnerabilities, and/or compromises to Bank systems
  • Performing incident response activities that include evidence collection and forensic analysis using industry standards and tools, evaluation of security controls and recommending solutions to mitigate potential risk.
  • Ensures technical enforcement of internal security policies to maintain the integrity of the networks, systems and applications utilized throughout the organization, including functionality of user access controls.
  • Develops and conducts bank-wide/departmental information security training. Maintains current knowledge of evolving information security risks, particularly cyber security, new and evolving trends with mitigation tools and changes to security regulations affecting financial institutions.
  • Performs security event monitoring and correlation using the SIEM, data loss prevention, and other tools to detect and respond to security events.
  • Develops and implements threat mitigation strategies. Performs event reporting and trending analysis.
  • Employs common communications mediums to execute security incident response procedures.
  • Ensure work performed is compliant with all banking laws and regulations relevant to data security.


  • Qualifications:

    Minimum Education Requirements: College (4-year) Degree

    Indicate Degree Major Field of Study: Bachelor's Degree in Computer Science or a related technical discipline; or the equivalent combination of education; professional training or work experience.


    Experience Required

    5 years - Direct experience in developing information security programs and assessing effectiveness of such programs, preferably within a financial services organization.

    3 years - Working knowledge of security technologies including but not limited to firewalls, SIEM, web proxies/DLP, encryption, IDS/IPS and the ability to apply security principles based on best practices and industry standards.


    Required Skills or Training:

  • Demonstrated experience in network and system administration, programming, systems development, Security Operations Center (SOC), and/or incident response.
  • Possesses good working knowledge of security principles, risk assessment policies and standards; demonstrates solid understanding of security best practices, products and technologies, including wireless security and virtualized security.
  • Demonstrated proficiency in a broad range of operating systems, platforms, client/server and web applications, and security services such as authentication and encryption technologies; Possesses knowledge of TCP/IP protocols, OSI model and associated vulnerabilities.
  • Possesses solid understanding of Federal and state laws/regulations relating to information safeguards and controls, including laws such as National Institute of Standards & Technology (NIST). Knowledge of the Federal Financial Institutions Examination Council (FFIEC) and section 501(b) of the Gramm-Leach-Bliley Act is a plus.
  • Demonstrates strong interpersonal, oral, and writing skills to effectively communicate complex IT security concepts to a diverse audience.
  • Demonstrates in-depth analytical skills, including the ability to consolidate broad data sets from multiple sources, both internal and external, to identify patterns and/or risk factors.
  • Must be self-motivated with a strong willingness to learn in a hands-on learning environment. Critical thinker with the ability to research, develop and communicate solutions to detect security incidents in a timely manner.
  • Demonstrated experience in the areas of continuous monitoring, vulnerability management, Incident Response, Security Operations Center, malware analysis and/or reverse engineering is a plus.
  • Current certification in one or more of the following is preferred: (ISC)2 CISSP or CCFP, ISACA CISA, ISACA CISM, SANS GIAC, EC-Council ECIH, or EC-Council CHFI.


  • Professional Certifications, Licenses, and/or Registration Requirements

  • One (or more) of the aforementioned information security certifications preferred or must be obtained within 6 months of hire

  • Bishop & Company provides recruiting and placement services for client companies and opportunities for job seekers throughout Hawaii, with emphasis on executive search, direct hire, temp to hire, and temporary/contract staffing . We charge no fees to our placed candidates and our temporary/contract employees. Our client services are 100% guaranteed.

    Please forward resumes to:
    Bishop & Company
    (or email: [Click Here to Email Your Resumé])

    Phone: 808-839-2200
    Website: http://www.bishopco.net/

    ***No relocation, In-state applicants only. Must be available to interview immediately.***

    Equal Employment Opportunity



    Job Requirements

    Bishop & Company provides recruiting and placement services for client companies and opportunities for job seekers throughout Hawaii, with emphasis on executive search, direct hire, temp to hire, and temporary/contract staffing . We charge no fees to our placed candidates and our temporary/contract employees. Our client services are 100% guaranteed.

    Please forward resumes to:
    Bishop & Company
    (or email: [Click Here to Email Your Resumé])

    Phone: 808-839-2200
    Website: http://www.bishopco.net/

    ***No relocation, In-state applicants only. Must be available to interview immediately.***

    Equal Employment Opportunity