Equal Employment Opportunity/M/F/disability/protected veteran status
Supports information security policies and execution of the Information Security Program. Performs user access management and monitoring of security controls to ensure the integrity, confidentiality, and availability of the bank's information assets.
Work Location: Hybrid
The Information Security Team works in a hybrid model with flexibility to manage in-office and WFH days. Candidates within a reasonable commuting distance who are able to fulfill a hybrid model are encouraged to apply.
Performs any functions necessary, within the scope of authority and expertise, to provide the highest level of service and responsiveness to customers. Works with the Cybersecurity Manager to administer various components of the Information Security Program.
- Perform periodic reviews of user access rights for systems, recommending process improvements as needed.
- Prepare and complete annual user access reviews with system owners.
- Assist with the development and maintenance of information security policies, standards, and guidelines.
- Perform daily operational tasks relating to network security monitoring including reviewing various security logs and reports for suspicious activity. Investigates anomalies, documents events, and ensures resolution.
- Assist with vulnerability management, network security, and configuration hardening.
- Review penetration test reports, and performs endpoint protection monitoring.
- Administer the Data Loss Prevention system, which includes incident handling and tuning policies to ensure that customer and bank confidential information is protected in accordance with regulatory requirements.
- Work with business units to ensure that the Business Continuity Plan is updated.
- Take part in Business Continuity, Disaster Recovery, and Incident Response exercises.
- Assist IT and application owners in completing application risk assessments.
- Monitor the threat landscape for changes and ensures that security controls adequately address changing attacks and threat vectors.
- Assist with developing and providing security awareness training for all employees to ensure consistently high levels of compliance with the bank's Information Security Program.
- Assist management with requests from auditors and examiners as needed and ensures timely remediation of information security related findings.
Perform related and unrelated duties as may be required.
- Bachelor's degree in computer science or cybersecurity or 1—2 years of consistent experience in information security preferably within a financial institution.
- CISM, CySA+, Network/Security+ or other information security certification is a plus.
- Practical experience with security frameworks and technologies such as Active Directory, DLP, SIEM, EDR, IDS/IPS, spam filters, firewalls.
- Strong working knowledge of data privacy, data handling, and data classification.
- Excellent critical thinking and analytical skills.
- Strong communication and collaboration skills.
- Ability to adapt to technology and regulatory changes.
- Time management and organizational skills, and the ability to achieve goals while working independently.
Avidia Bank is an Equal Opportunity Employer/Veterans/Disabled