IT Security Analyst II

PositionSummary:

The IT Security AnalystII primary role will be to utilize resources and tools to helpprotect Wellbys computer networks and information. This isaccomplished by providing the highest quality experience forinternal and external members. Also the role is responsible forensuring security events are contained and remediated by enforcingsecurity policies through monitoring systems and bringing securityawareness education to team members. The analyst works closely withall Information Technology functions business units and the ITmanagement teams to ensure risks uphold the confidentialityintegrity and availability of the Wellbys information assets aremitigated.

Principal Duties andResponsibilities

• Willingness and ability to exhibit Wellbys CoreValues every day.

• Workswith purpose and is driven to provide the best team memberexperience.

• Monitorssecurity information and event management (SIEM) tools to detectand respond to security incidents indicators of compromise andbreaches.

• Analyzessecurity incidents indicators of compromise and breaches todetermine their impact origin and resolution.

• Coordinates with IT teams and vendors toaddress and mitigate identified securitythreats.

• Conductsvulnerability assessments penetration tests and system hardeningassessments to identify and address security weaknesses on anongoing basis.

• Monitorssecurity patches and updates to ensure systemintegrity.

• Collaborateswith IT teams and vendors to ensure secure configuration anddeployment of systems and applications.

• Analyzes security requirements for new systemsapplications and vendors.

• Recommends additional security measures andcontrols.

• Identifieshardware and software that are nearing the end ofsupport.

• Promotes aculture of security awareness through training education andongoing communication.

• Reviews violations of security processes andprocedures.

• Keeps abreastof security best practices new or improved security technologiesand cyberthreat intelligence and attackvectors.

• Monitors andrestricts sensitive confidential or highsecurity dataaccess.

• Participates incyberbased risk assessments audits tests and assessments to ensurethe proper functioning of data processing activities and securitymeasures.

• Helps toenforce security policies and procedures.

Monitors the environment to ensure that applicablesecurityrelated compliance frameworks are being followed.

• Works effectively in a team atmosphere toperform duties and achieve daily operationalgoals.

• Meets productivitystandards in accordance with Wellbys confidentiality policies andorganizational values.

• Responsible for all information concerning theBank Secrecy Act including:

• Reporting all suspicious activity to the BSAOfficer.
• Attending required annual BSAtraining.

• Performs otherrelated duties as assigned.
  Knowledge Skillsand Abilities(KSA)
  
  • Knowledge ofWellbys organizational functions and general operating policies andprocedures.
  • Knowledge of systems/computer fieldincluding application design hardware software and capabilities andlimitations.
  • Knowledge of network securityresources such as intrusion prevention network access control portsecurity and network isolationtechniques.
  • Knowledge of endpoint threatdetection and preventiontechnologies.
  • Knowledge and understanding withSIEM platforms.
  • Knowledge and understanding ofdata loss prevention and data governancetools.
  • Knowledge and understanding ofopensource penetration tools and threathuntingplatforms.
  • Knowledge and understanding ofTCP/IP networking routing ACLs and networkdevices.
  • Knowledge of common programminglanguages is encouraged.
  • Ability to work in afastpaced team environment with exceptional member serviceskills.
  • Ability to communicate clearly andconcisely orally and in writing.
  • Ability tomotivate others and to work in a large crossfunctional teamdynamic.
  • Ability to efficiently understand andfollow oral and written instructions perform routine duties withoutclose supervision and establish and maintain effective workingrelationships with other team members.
  • Abilityto coordinate several concurrent activitiessimultaneously.
  • Ability to explain technicalinformation in understandable language to nontechnical teammembers.
  • Ability to develop interpret and applyprogramregulations.
    
  
  SupervisoryResponsibilities
  
  • Teammember has no supervisoryresponsibilities.
    
  
  Complexity& Scope of Work
  
  • Theteam member performs a number of routine and generally relatedtasks without supervisory direction.
  • The teammember may make decisions regarding unusual circumstances onoccasion.
  • Tasks may occasionally have to becoordinated integrated and/orprioritized.
  • Courses of action are determinedby established procedures and/or the Director ofCybersecurity.
  • The team members work isreviewed periodically for accuracy completion and compliance withWellbys policies and procedures.
  • The teammember uses independent judgment in makingdecisions.
    
  
  PhysicalDemands & WorkEnvironment
  
  • Thephysical demands and work environment characteristics describedhere represent those that a team member must meet to perform theessential functions of this position successfully. Reasonableaccommodations may enable individuals with disabilities to performessential functions.
  • To perform this jobsuccessfully the team member is frequently required to remain in astationary position 50% of the time. Daily movements includesitting standing reaching and grasping; operating computers andother office equipment; moving about the office; and attendingpossible onsite and offsite meetings.
  • The teammember must be able to exchange information in person in writingand via telephone. Some degree of stress results from contact withmanagement and other team members.
  • The abilityto observe details at close range (within a few feet of theobserver).
  • Must be able to occasionally liftitems weighing up to 15 pounds across the office and load them ontoshelves for various needs.
  • The noise level inthe work environment is usually moderate.
  • Workinvolves the typical risks and discomforts associated with anoffice environment but is usually in an adequately cooled heatedlighted and ventilatedarea.
    
  
  MinimumQualifications
  
  • Bachelorsdegree isrequired.
    
  • Minimumthree (3) to five (5) years of experience in information securityor information technology. One year of relevant work experience maybe substituted for one year of requirededucation.
  • One or more currentindustryrecognized information security certifications are highlydesirable.
  • Bondable