Information Security Analyst
CurrentResponsible for compliance monitoring and reporting on the Bank's information security program as well as tasks related to the Bank's business continuity and physical security programs.-Develop content and train employees on information security, business continuity, and physical security practices.-Investigate reported phishing attempts. Determine and take appropriate actions to mitigate risk.-Oversee phishing campaigns, track failures, and provide remedial training.-Investigate reported security incidents to determine the damage and take appropriate action. Thoroughly document the results of the investigation and ensure appropriate actions are taken.-Perform monitoring related to data exfiltration and encryption.-Manage the access review process to ensure user access is appropriately provisioned.-Manage the annual vulnerability/penetration and social engineering testing process by working closely with third-party service providers.-Collaborate with Information Technology to detect and mitigate vulnerabilities.-Manage the Bank's record retention process to ensure data is properly stored and destroyed as required.-Respond to physical security alarms and business continuity events. Determine and take appropriate action.-Ensure access and alarm systems are properly setup and kept up to date.-Perform risk assessments related to information security, business continuity, and physical security.-Develop and implement plans and procedures related to information security, business continuity, and physical security.-Prepare reports for management and the Board.-Gather and provide requested documentation for audits and exams.-Maintain current knowledge of state and federal information security requirements and best practices.-Maintain an understanding of emerging information security issues and work with management to address challenges.