What are the responsibilities and job description for the Corporate Security Risk Analyst position at Ion Bank?
Purpose
Support the Chief Information Security Officer/Corporate Security Officer in all their duties. The position would be responsible for supporting the Bank’s Corporate Security and Information Security Program through support of security cameras, alarm systems, and other in-branch security services including corporate security awareness training. The position is also involved with the completion of information security risk assessments, review of the organization’s security and access reports and investigating anomalies.
Key Result Areas
· Ensure all security cameras are functioning and properly maintained.
· Respond to alarm system alerts.
· Work with all corporate security partners to ensure proper installation and function of all security equipment and services.
· Deliver corporate security awareness training on a regular basis.
· Ensure adequacy for data security activities such as documentation, classification, regulatory compliance, and the implementation of data security controls.
· Assist in developing, reviewing, and implementing all information security policies, standards, and procedures.
· Assist the CISO/CSO with complex IT Security projects to include project planning, execution, timing, functionality, quality, and cost.
· Perform ongoing risk and vulnerability analysis as a means of generating useful metrics for measuring the effectiveness of the Corporate Security and Information Security Program.
· Responsible for reviewing access controls and monitoring of security reports.
· Support business stakeholders and Information Technology in the development of risk response plans.
· Maintain current knowledge of systems and technologies as well as acquiring knowledge of emerging technologies, risks, and trends.
· Assist with incident response and all audits and exams.
Essential Functions - may include, but are not limited to:
· Employee is required to attend work
· Employee will be required to travel to all corporate facilities on a regular basis
· Ensure company service standards are continually achieved in areas of responsibility
· Participate with all lines of business in the development and implementation of a comprehensive information security compliance program including corporate security and information security training and testing.
· Coordinate alarm maintenance with branches and vendor
· Maintain branch security reports
· Assist with robbery training development and delivery
· Review alarm by-pass reports and confirm appropriateness
· Monitor system log files for exception processing and reporting to management.
· Ensure adequacy for corporate security activities and data security activities such as documentation, classification, regulatory compliance (GLBA, HIPAA), and the implementation of data security controls. This position establishes accountability for data security and consistent application of data security controls, resulting in reduced risks to customer and corporate data.
· Assist in the development, review and implementation of all corporate security policies, standards and procedures.
· Assist the CISO/CSO with planning and direction of corporate security reviews
· Assist in the design, development, engineering, and implementation of corporate security solutions for all bank locations.
· Prepare write-ups for incidents and exceptions, which includes maintaining the bank's audit logs.
· Provide regular status updates and prepare presentations as requested.
Compliance
· Knowledge of Bank policies and procedures, State and Federal laws and regulations
· Responsible for compliance regulations related to this position and receiving appropriate training including but not limited to:
Annually
Ø Right to Financial Privacy Act
Ø Reg. H – Bank Protection Act
Ø Information Security Standards (GLB) (Including Data Protection Act)
Ø Reg. P – Privacy of Consumer Financial Information
Ø Bank Secrecy Act (BSA)
Ø Office of Foreign Assets Control (OFAC)
Ø USA Patriot Act
Ø Fair and Accurate Credit Transaction Act (FACTA)
Ø Reg. BB – Community Reinvestment Act (CRA)
Ø Disaster Recovery Act and Business Continuity Plan
Other Functions
· Entre user access administration
· Verint EdgeVMS Vid Center user
· Maintain thorough working knowledge of all personal computer system capabilities and documentation
· Insight Administrator
· Perform other duties as requested
*The above is a description of the ordinary duties of the position. It should be expected that from time to time other duties, both related and unrelated to the above, may be assigned and, therefore, required.
Education and Experience
· Bachelor's degree in computer science or a related field, or the equivalent in experience; plus three to five years of information technology experience, preferably in a financial institution, with a focus on information security.
· Experience in security aspects of multiple platforms, operating systems, software, and network protocols.
· Strong interpersonal skills including verbal, written, and technical communication. Must be able to discuss complex security issues at all levels of management.
· Strong analytical skills with the ability to apply creative thinking and balanced approaches to solving complex business problems.
· Banking or Financial Services experience in understanding regulatory and fiduciary responsibilities as well as security, recovery and control issues affecting customer financial transactions required.
· Thorough working knowledge of multiple technology platforms.
· Experience with current approaches to information security as well as traditional access control and auditing techniques is needed to properly advise management and business lines in the selection of security hardware and software; especially, in the areas where emerging technology is being used to support business objectives.
· Ability to prioritize multiple tasks and to collaborate on cross-functional projects.
· Self-motivated with the ability to work independently or as a leader in a team environment.
Equipment and Software
· Working knowledge of Information Technology concepts, hardware (server, network, etc.), core software (operating systems, databases, etc.); operational practices (identity management, change control, asset management, etc.) and related security capabilities (firewall, IDS/IPS, SIEM, DLP, etc.)
· Working knowledge of Microsoft O365
Physical Qualifications
· frequent work at or visits to all corporate facilities
· ability to extend one’s arm(s) in any direction
· ability to sit or stand in an erect position
· ability to manipulate small objects precisely by whatever means
· ability to express or exchange ideas by means of the spoken word, both speak and hear
· ability to be subject to substantial repetitive motions of the body or its parts
· ability to lift up to 20 pounds occasionally and/or a negligible amount of lifting frequently or constantly to move objects
Other Qualifications
· Knowledge of Bank policies and procedures, State and Federal regulations
· Ability to add, subtract, multiply, and divide all units of measure; to perform the four operations with common decimals and fractions; to perform arithmetic operations involving all American monetary units
· Ability to perform under stress when confronted with emergency, critical, or unusual situations
· Ability to perform a variety of duties, often changing from one task to another of a different nature without loss of efficiency or composure
· Ability to exchange information with others clearly and concisely, to present ideas, facts, and technical information
· Ability to maintain relationships that facilitate task accomplishment; to cooperate and resolve conflicts; to recognize needs and be sensitive to others
· Ability to receive guidance and supervision; follow work rules, work procedures; meet deadlines, punctuality and attendance standards, etc.
· Ability to systematically identify and define problems, evaluate alternatives, and implement cost-effective solutions
· Ability to identify task requirements and monitor progress toward accomplishment
___________________________________________________________________
Consider this description the foundation of your job, not its boundaries. Expect to participate in training sessions and activities not described here which enhance the quality of service to the customer.
__________________________________________________________________