Information Security Analyst (HYBRID, Richmond, VA)

The Information Security Analyst (ISA) will be responsible for protecting the organization’s computing infrastructure and applications.  Additionally, this role will assist in the daily computer network defense of the enterprise.  The ISA will analyze alerts and collaborate with peers to implement appropriate mitigations.  This position will also be the driving force behind system performance, incident response, and cyber defenses.  The ISA will accept ownership of and accountability for information security monitoring and response.  This position reports to Information Security management.

Position Accountabilities:

• Perform security event/alert monitoring and analysis. Remediate incidents and escalate as required.
• Perform daily monitoring and analysis of suspicious activity including IaaS cloud, email, and network traffic.
• Work with security analysts, engineers, and cloud architect to maintain, tune, and monitor Information Security platforms/defenses.
• Cross-train with other Information Security Analysts/Engineers and provide backup for other team members.
• Investigate and resolve security violations by providing postmortem analysis to illuminate the issues and possible solutions.
• Conduct technical compliance assessments by comparing system posture against defined standards.
• Guide control owners in establishing operational processes and controls for SaaS solutions operating in a cloud provider.
• Create and maintain Information Security procedures as needed.
• Perform Information Security reporting. Provide SLA metrics.
• Implement or coordinate remediation required by audits, and document exceptions as necessary.
• Review, assess, and mitigate penetration tests and vulnerability assessments on information systems and infrastructure.

Organizational Relationship:

This position reports to Information Security management.

Position Qualifications:

Education & Experience:

• Minimum of two years of IT security experience;
• Experience in performing technical security assessments;
• Experience with cloud security and working with cloud providers (GCP, MS Azure, AWS, Snowflake)
• Bachelor's degree in information systems, computer science, communications, or equivalent work experience.

Knowledge & Skills:

• The ideal candidate will have a strong analytical mindset, eager to learn, and have a strong ability to teach others.
• Excellent communication skills, including written, verbal, and design skills with demonstrable competence and experience in clearly explaining complex information security concepts and technologies for both technical and non-technical audiences.
• Excellent relationship-building and influencing skills in all mediums and throughout all levels of the organization.
• General knowledge of information security principles, including risk assessment and management, cloud computing services/deployment architecture, incident response, and access management.
• Strong analytical and problem-solving skills to enable effective security incident and problem resolution.
• Ability to work well under minimal supervision.
• Experience defending enterprise networks preferred.
• Industry certification such as CIA, CRISC, CISSP, CISA, or cloud platform certification preferred.
• Must be able to learn, understand, and apply new technologies.
• Demonstrable knowledge of the policies and principals of information handling and protection.
• Familiarity with applicable legal and regulatory requirements, including, but not limited to, the U.S. Sarbanes-Oxley Act and FFIEC Information Security Guidelines.

Salary offered will be based on several factors including but not limited to education, work experience, certifications, etc. This position is also eligible to participate in either an applicable incentive compensation plan for the position or a discretionary profit sharing bonus program. General information on our comprehensive benefits package can be found by visiting https://www.atlanticunionbank.com/about/careers/benefits.

We are proud to be an EEO/AA employer, Minority/Female/Disability/Veteran. We maintain a drug-free workplace.