Information Security Analyst I
About this role
GENERAL DESCRIPTION OF POSITION
The Information Security Analyst I, as part of the Cyber Defense Operations Team, helps defend Centennial Bank against cyber threats by responding to information security alerts, investigating malicious activity, and aiding in incident handling, along with helping in maintaining overall information security across the organization through vulnerability management, phishing email analysis, and providing general information security expertise.
ESSENTIAL DUTIES AND RESPONSIBILITIES
1. Investigates security alerts and events to identify relevancy and urgency, triaging and responding based on set security operation processes. This duty is performed daily, about 20% of the time.
2. Facilitates network and endpoint security monitoring using a wide variety of tools, including Endpoint Detection and Response (EDR), Network Monitoring, Security Information and Event Management (SIEM), Data Loss Prevention (DLP), Identity Management, etc. This duty is performed daily, about 15% of the time.
3. Monitors the health of security tools and agents, including facilitating the discovery of potential gaps in coverage. This duty is performed weekly, about 10% of the time.
4. Administers endpoint protection software and other security tools, as necessary. This duty is performed monthly, about 10% of the time.
5. Analyzes phishing emails to create and follow through with an appropriate response plan. This duty is performed daily, about 15% of the time.
6. Participates in the vulnerability management lifecycle by helping identify, report, and suggest remediation steps for vulnerabilities discovered in the network. This duty is performed weekly, about 5% of the time.
7. Participates in cyber incident response activities or projects. This duty is performed as needed, about 5% of the time.
8. Using approved tools, assists in conducting Red Team tests to determine potential security flaws and provides recommendations for remediation. This duty is performed monthly, about 5% of the time.
9. Evaluates complex security events using critical thinking and problem solving. This duty is performed daily, about 10% of the time.
10. Collaborates with multiple diverse teams, both locally and remotely, regarding IT security concerns. This duty is performed daily, about 10% of the time.
11. Completes required BSA/AML training and all other required training sessions, as assigned. This duty is performed quarterly.
12. The ability to work in a constant state of alertness and in a safe manner. This duty is performed daily.
13. Perform any other related duties as required or assigned.
QUALIFICATIONS
To perform this job successfully, an individual must be able to perform each essential duty mentioned satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required.
EDUCATION AND EXPERIENCE
Knowledge of a specialized field (however acquired), such as basic accounting, computer, etc. Equivalent of four years in high school, plus night, trade extension, or correspondence school specialized training, equal to two years of college, plus 4 years related experience and/or training, or equivalent combination of education and experience.
COMMUNICATION SKILLS
Ability to effectively communicate information and respond to questions in person-to-person and small group situations with customers, clients, general public and other employees of the organization. Ability to read, analyze, and understand general business/company related articles and professional journals; ability to speak effectively before groups of customers or employees. Ability to write reports, business correspondence, and policy/procedure manuals; ability to effectively present information and respond to questions from groups of managers, clients, customers, and the general public. Ability to read, analyze, and understand common scientific and technical journals, financial reports, and legal documents; ability to respond to complex or difficult inquiries or complaints from customers, regulatory agencies, or members of the business community.
MATHEMATICAL SKILLS
Ability to calculate figures and amounts such as discounts, interest, commissions, proportions, percentages, area, circumference, and volume. Ability to apply concepts such as fractions, ratios, and proportions to practical situations.
CRITICAL THINKING SKILLS
Ability to define problems, collect data, establish facts, and draw valid conclusions. Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and concrete variables.
REQUIRED CERTIFICATES, LICENSES, REGISTRATIONS
Not indicated.
PREFERRED CERTIFICATES, LICENSES, REGISTRATIONS
Security (CCNA) Certification, Security+ Certification, Security Operations Analyst Associate, Offsec Defense Analyst, or another related certification is preferred.
SOFTWARE SKILLS REQUIRED
Intermediate: 10-Key, Alphanumeric Data Entry, Contact Management, Presentation/PowerPoint, Spreadsheet, Word Processing/Typing
Basic: Accounting, Database
WORKING CONDITIONS
Periodically exposed to such elements as noise, intermittent standing, walking, pushing, carrying, or lifting; but none are present to the extent of being disagreeable.
ENVIRONMENTAL CONDITIONS
The following work environment characteristics described here are representative of those an employee encounters while performing essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
The noise level in the work environment is usually moderate.
PHYSICAL ACTIVITIES
The following physical activities described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions and expectations.
Moderate diversity, low physical. Work activities which allow for a moderate amount of diversity in the performance of tasks which are not as varied as those positions with high-level diversity and decision-making.
While performing the functions of this job, the employee is regularly required to sit, use hands to finger, handle, or feel, talk or hear; frequently required to reach with hands and arms; and occasionally required to stand, walk, climb or balance, stoop, kneel, crouch, or crawl. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision.
ADDITIONAL INFORMATION
-A high school degree plus four (4) years of related experience and/or training in IT, or a two (2) year college degree plus two (2) years of related experience and/or training in IT, or a four (4) year college degree related to or with an emphasis in Information Security.
Preferred Knowledge of cyber security concepts such as:
-Endpoint detection and response
-Log analysis
-Incident response
-Vulnerability scanning
-Phishing email analysis
-Investigating information security tool alerts and executing triage processes
-Knowledge in networking and endpoint administration