Information Security Analyst
Performed a variety of analytical and support activities for the information security function including maintaining information security policies and managing content updates, coordinating and preparing information security dashboard and metrics, monitoring and reviewing daily logs and Help Desk tickets, assisting on internal and external audits, annual IT risk assessments, incident responses, security awareness training and related activities.
- Participated in IT security functions, evaluating and monitoring information security standards, protocols, and controls are in place and operating effectively in accordance with regulatory requirements and guidelines.
- Assisted in the support and preparation of IT systems and applications risk assessments.
- Reviewed, updated, and maintained all IT and Information Security policies to comply with financial institution regulatory requirements. Tracked and monitored that employees sign policies indicating that they read and agree to abide by policy provisions. Followed up with employees as needed, and respond to questions and concerns related to the policy. Elevated issues as needed to management.
- Documented incident response findings for reported customer and internal information security breaches.
- Supported information security projects that address regulatory compliance gaps.
- Analyzed FFIEC Information security monitoring functions such as daily log reviews, help desk tickets, participation in the semi-annual access re-certifications, physical security walkthroughs and DB audits. Prepared reports as needed.
- Assisted with Third party information security risk assessments.
- Assisted with the employee security awareness program, and new hire orientation.