Cyber Security Analyst

What Is MyBambu?

MyBambu is a financial institution delivering the first all-in-one mobile digital banking solution targeting the Hispanic unbanked and underbanked population. The mission of MyBambu is to promote financial inclusion to the unbanked and underbanked by providing an array of financial solutions delivered via mobile devices. We give an overlooked audience a convenient, safe, and cost-effective way of managing their finances. MyBambu’s objective is to promote financial literacy and access to unbanked/underbanked individuals, who have previously been left behind. In 2020, we were honored to be recognized as FIS’s Impact Award winner for innovation in the next frontier of the Modern Banking Platform. We’ve fostered a company culture that empowers people to do the most defining work in their career offering an environment that’s made up of a passionate and goal-oriented team.

MyBambu participates in E-verify and will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS), with information from each new hire’s Form I-9 to confirm work authorization.  Find out more information: E-Verify Participation Poster or Right to Work Poster.

Your Opportunity:

This position is a full-time, in-person position reporting to the Chief Marking and Operations Officer. As the Cyber Security Analyst, you will be responsible for protecting our digital assets, monitoring for security breaches, and implementing effective security measures. This role requires a thorough understanding of cybersecurity principles and practices, particularly in the fintech sector, along with proficiency in various security tools and technologies.

Job Responsibilities:

• Threat Monitoring: Continuously monitor security alerts and incidents using Security Information and Event Management (SIEM) tools such as Splunk and IBM QRadar.
• Incident Response: Respond to and investigate security incidents using tools like Palo Alto Networks, CrowdStrike, and FireEye.
• Vulnerability Management: Conduct regular vulnerability assessments and penetration testing using Nessus and OpenVAS and collaborate with IT teams to remediate identified vulnerabilities.
• Network Security: Implement and manage firewalls, intrusion detection/prevention systems (IDS/IPS), and network access control (NAC) solutions from vendors like Cisco and Fortinet.
• Endpoint Security: Deploy and maintain endpoint protection solutions, including antivirus software and Endpoint Detection and Response (EDR) tools, such as Symantec, McAfee, and Carbon Black.
• Data Protection: Ensure data security and compliance with regulatory requirements using encryption tools, Data Loss Prevention (DLP) solutions, and other data protection technologies like Digital Guardian and Varonis.
• Identity and Access Management: Manage and monitor Identity and Access Management (IAM) systems, including multifactor authentication (MFA) solutions like Okta and Duo.
• Security Policies: Develop, implement, and enforce security policies, procedures, and standards to protect sensitive information and maintain compliance with industry regulations such as GDPR, PCI-DSS, and SOC 2.
• Security Awareness Training: Conduct security awareness training for employees using platforms like KnowBe4 and Proofpoint.
• Risk Assessment: Perform regular security risk assessments and audits to identify potential threats and vulnerabilities and recommend appropriate risk mitigation strategies.
• Documentation and Reporting: Maintain comprehensive documentation of security incidents, procedures, and compliance efforts, and prepare detailed reports for management and regulatory bodies.

Skill and Abilities:

• Technical Proficiency: Strong technical skills in cybersecurity tools and technologies, including SIEM, EDR, IDS/IPS, firewalls, and encryption.
• Analytical Thinking: Excellent analytical and problem-solving skills to identify and mitigate security threats effectively.
• Communication: Strong written and verbal communication skills, with the ability to convey complex security concepts to non-technical stakeholders.
• Attention to Detail: Keen attention to detail to ensure the accuracy and completeness of security assessments and reports.
• Adaptability: Ability to stay current with emerging security trends and technologies, and adapt to a fast-paced, dynamic environment.
• Team Collaboration: Strong interpersonal skills and ability to work collaboratively with cross-functional teams.

Job Requirements:

• Spanish and or Creole is a plus but not required.
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• Minimum of 3 years of experience in cybersecurity, preferably in the fintech or financial services industry.
• Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), CompTIA Security , or Certified Information Security Manager (CISM) are highly desirable.
• Proficiency with cybersecurity tools such as Splunk, IBM QRadar, Palo Alto Networks, CrowdStrike, FireEye, Nessus, OpenVAS, Cisco, Fortinet, Symantec, McAfee, Carbon Black, Digital Guardian, Varonis, Okta, Duo, KnowBe4, and Proofpoint.
• Understanding of industry regulations and compliance requirements, including GDPR, PCI-DSS, and SOC 2.

Physical Requirements: 

• Prolonged periods sitting at a desk and working on a computer.
• Must be able to lift up to 15 pounds at times.

Bambu Benefits:

• Excellent medical coverage.
• Fifteen (15) days of Paid Time Off.
• Seven (7) days of Paid Holidays.
• Our small family corporate culture.