IT Security Analyst II

Position Summary:

The IT Security Analyst II primary role will be to utilize resources and tools to help protect Wellbys computer networks and information. This is accomplished by providing the highest quality experience for internal and external members. Also the role is responsible for ensuring security events are contained and remediated by enforcing security policies through monitoring systems and bringing security awareness education to team members. The analyst works closely with all Information Technology functions business units and the IT management teams to ensure risks uphold the confidentiality integrity and availability of the Wellbys information assets are mitigated.

Principal Duties and Responsibilities

• Willingness and ability to exhibit Wellbys Core Values every day.

• Works with purpose and is driven to provide the best team member experience.

• Monitors security information and event management (SIEM) tools to detect and respond to security incidents indicators of compromise and breaches.

• Analyzes security incidents indicators of compromise and breaches to determine their impact origin and resolution.

• Coordinates with IT teams and vendors to address and mitigate identified security threats.

• Conducts vulnerability assessments penetration tests and system hardening assessments to identify and address security weaknesses on an ongoing basis.

• Monitors security patches and updates to ensure system integrity.

• Collaborates with IT teams and vendors to ensure secure configuration and deployment of systems and applications.

• Analyzes security requirements for new systems applications and vendors.

• Recommends additional security measures and controls.

• Identifies hardware and software that are nearing the end of support.

• Promotes a culture of security awareness through training education and ongoing communication.

• Reviews violations of security processes and procedures.

• Keeps abreast of security best practices new or improved security technologies and cyberthreat intelligence and attack vectors.

• Monitors and restricts sensitive confidential or highsecurity data access.

• Participates in cyberbased risk assessments audits tests and assessments to ensure the proper functioning of data processing activities and security measures.

• Helps to enforce security policies and procedures.

Monitors the environment to ensure that applicable securityrelated compliance frameworks are being followed.

• Works effectively in a team atmosphere to perform duties and achieve daily operational goals.

• Meets productivity standards in accordance with Wellbys confidentiality policies and organizational values.

• Responsible for all information concerning the Bank Secrecy Act including:

• Reporting all suspicious activity to the BSA Officer.
• Attending required annual BSA training.

• Performs other related duties as assigned.
  Knowledge Skills and Abilities (KSA)
  
  • Knowledge of Wellbys organizational functions and general operating policies and procedures.
  • Knowledge of systems/computer field including application design hardware software and capabilities and limitations.
  • Knowledge of network security resources such as intrusion prevention network access control port security and network isolation techniques.
  • Knowledge of endpoint threat detection and prevention technologies.
  • Knowledge and understanding with SIEM platforms.
  • Knowledge and understanding of data loss prevention and data governance tools.
  • Knowledge and understanding of opensource penetration tools and threathunting platforms.
  • Knowledge and understanding of TCP/IP networking routing ACLs and network devices.
  • Knowledge of common programming languages is encouraged.
  • Ability to work in a fastpaced team environment with exceptional member service skills.
  • Ability to communicate clearly and concisely orally and in writing.
  • Ability to motivate others and to work in a large crossfunctional team dynamic.
  • Ability to efficiently understand and follow oral and written instructions perform routine duties without close supervision and establish and maintain effective working relationships with other team members.
  • Ability to coordinate several concurrent activities simultaneously.
  • Ability to explain technical information in understandable language to nontechnical team members.
  • Ability to develop interpret and apply program regulations.
    
  
  Supervisory Responsibilities
  
  • Team member has no supervisory responsibilities.
    
  
  Complexity & Scope of Work
  
  • The team member performs a number of routine and generally related tasks without supervisory direction.
  • The team member may make decisions regarding unusual circumstances on occasion.
  • Tasks may occasionally have to be coordinated integrated and/or prioritized.
  • Courses of action are determined by established procedures and/or the Director of Cybersecurity.
  • The team members work is reviewed periodically for accuracy completion and compliance with Wellbys policies and procedures.
  • The team member uses independent judgment in making decisions.
    
  
  Physical Demands & Work Environment
  
  • The physical demands and work environment characteristics described here represent those that a team member must meet to perform the essential functions of this position successfully. Reasonable accommodations may enable individuals with disabilities to perform essential functions.
  • To perform this job successfully the team member is frequently required to remain in a stationary position 50% of the time. Daily movements include sitting standing reaching and grasping; operating computers and other office equipment; moving about the office; and attending possible onsite and offsite meetings.
  • The team member must be able to exchange information in person in writing and via telephone. Some degree of stress results from contact with management and other team members.
  • The ability to observe details at close range (within a few feet of the observer).
  • Must be able to occasionally lift items weighing up to 15 pounds across the office and load them onto shelves for various needs.
  • The noise level in the work environment is usually moderate.
  • Work involves the typical risks and discomforts associated with an office environment but is usually in an adequately cooled heated lighted and ventilated area.
    
  
  Minimum Qualifications
  
  • Bachelors degree is required.
    
  • Minimum three (3) to five (5) years of experience in information security or information technology. One year of relevant work experience may be substituted for one year of required education.
  • One or more current industryrecognized information security certifications are highly desirable.
  • Bondable