POSITION: INFORMATION SECURITY ANALYST
Report to the IT Security Manager and provide support to identify and remediate security threats and vulnerabilities as well as being involved in other aspects of networking and security. Assist in the management of key security reporting systems including patch, vulnerability, firewall, SIEM, NGAV, Active Directory monitoring, file data monitoring & classification software and audit log management programs. Also, assist in the development and maintenance of Information Technology compliance policies and procedures on existing and new systems.
Key Result Areas:
Investigate and respond to system alerts generated by firewall, IDS/IPS, NGAV, SIEM, Active Directory monitoring. Work with vendors as necessary to resolve issues
Provide support for the implementation of the Bank’s NGAV program including installing and troubleshooting client installs, reviewing weekly and monthly agent status and scan reports, responding to real-time alerts, and assisting with documentation
Assist with the implementation of the Bank’s security systems including review of logs and reports from various tools such as firewall, IDS/IPS, NGAV, SIEM and event log monitoring
Schedule internal and external vulnerability scans and provide investigation and remediation efforts. Additionally, provide follow-up documentation as required by department and risk procedures
Assist with the administration of security systems and asset inventory tool including collection and management of data and running reports as necessary
Assist with procedure development and documentation of various IT Security systems.
Provide IT security related end-user support
Establish and maintain effective working relationships with other employees, vendors and customers
Perform additional duties as required
Associate degree in Information Security, Information Technology, or other subject matter area with a minimum of 3 years IT Security experience. IT Security / Cybersecurity certifications and Microsoft Certifications a plus
Experience with deployment, management and reporting of compliance and security systems including network-based patch management, firewall, IDS/IPS, vulnerability and security event log management systems
Understanding of PC and Local Area Network (LAN) technologies. 1 – 3 years of experience working with network management tools with a focus on security systems preferred.
Experience with Active directory and Windows server management from a compliance and vulnerability management perspective
Analytical skills with proven problem-solving ability is a must. Experience with threat hunting and/or anomaly investigations is a plus
Demonstrated extensive organizational, communication and interpersonal skills required. Experience working with financial regulatory agencies and 3rd party auditors is a plus.
Highly motivated self-starter with the ability to work independently
Experienced in the use of Microsoft Office applications required and experience with end-user support for Microsoft Office applications is preferred
Ability to work flexible work schedule, i.e., weekends and evenings as needed
The above description covers the most significant responsibilities but does not exclude other occasional responsibilities and accountabilities, the inclusion of which would be in conformity with the major purpose of this job.
About Cambridge Savings Bank:
Cambridge Savings Bank is a full-service financial institution with approximately $5 billion in assets that is committed to improving the quality of life in the communities it serves. One of the oldest and largest community banks in Massachusetts, Cambridge Savings Bank offers a full line of individual and business banking services and has branches located in Arlington, Bedford, Belmont, Burlington, Cambridge, Charlestown, Concord, Lexington, Melrose, Newton, and Watertown.
Cambridge Savings Bank is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. We are a VEVRAA Federal Contractor.