Apply on Employer Site

Woodforest National Bank · 2 months ago

Information Security Analyst Lead

TX - Operations Center-010025231 Grogans Mill Rd

Full-time

Onsite

Senior Level

7+ years exp

Woodforest National Bank is a privately owned bank focused on building relationships and serving communities. The Information Security Analyst Lead is responsible for analyzing information security systems, developing security measures, conducting vulnerability assessments, and ensuring compliance with regulations to protect the bank's information assets.

Banking

Responsibilities

Compliance:

· PCI - Work with external PCI QSA and multiple internal teams responsible for providing updated policies, evidence for PCI requirements. Achieve annual Report on Compliance (ROC)

· Ensure compliance with other regulations and privacy laws as applicable

Vulnerabilities:

· Lead vulnerability assessments, monitor systems, and ensure critical and high vulnerabilities are tracked, managed, and remediated within the documented SLA’s. Determine an action plan to reduce vulnerabilities and document exceptions based on risk acceptance

Breach and Attack Simulations:

· Lead team on developing, establishing, and analyzing threat simulation efforts to ensure deployed security solutions are being effective

· Assist team in ensuring findings are valid and actionable by ensuring cross team collaboration

Control Monitoring:

· Monitor, evaluate, and maintain systems and procedures to safeguard internal information systems, network, databases, and Web-based security

· Respond to alerts from information security tools. Report, investigate and resolve security incidents

Educate and communicate security requirements and procedures to all users. Participate in developing or updating Security related training

Research:

· Security trends, new methods, and techniques used in unauthorized access of data to preemptively eliminate the possibility of system breaches

· Contribute to annual review of policies and assist in keeping policies current

Qualification

Information Security AnalysisVulnerability AssessmentSecurity ComplianceNetwork SecuritySecurity CertificationsTechnical WritingProject ManagementInterpersonal SkillsSelf-StarterCommunication Skills

Required

7+ years' experience as an Information Security Analyst required

Exceptional verbal communication and technical writing skills with an ability to effectively interact with and convey information to people who possess varying levels of understanding on applicable topics

Knowledge of security controls, data ownership and classification, threat management, and risk management

Solid understanding of information security practices, systems, and standards

Strong technical and troubleshooting skills with broad knowledge of Microsoft Office, Windows operating systems, networking, server administration and virtualization

Interpersonal skills to effectively manage relationships with other teams and departments

Advanced understanding of various network systems and related security applications

Strong organizational and project management skills with the ability to manage timelines and prioritize workload

Self-starter with the ability to work independently while supporting a team environment

Ability to work from a directive with little or no supervision; minimum rework required by supervisor

Intermediate understanding of assessing, utilizing, supporting, and maintaining logical and physical security architectures and technologies including but not limited to IPS/IDS, firewall, SIEM, VPN, anti-virus, email, web, data, video, physical access control hardware and related operating systems & supporting software

Preferred

Bachelor's degree in Information Systems, Computer Science or a related discipline preferred, or an equivalent amount of directly related work experience

One or more of the following certifications is preferred: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA)