We are seeking an experienced security analyst to join our growing organization! The Senior Information Security Analyst position is tasked with designing, developing, administering and tuning security event monitoring and intrusion detection related systems while providing support for new analytic methods for detecting threats. The Senior Analyst will maintain knowledge on the latest intelligence and attack methodologies to take corrective actions during security incidents and is the second level escalation point for corrective action on security events. Examines Big Data for patterns of malicious or unwanted activities in the enterprise.

This person must also have strength in application security.

DUTIES AND RESPONSIBILITIES:

• Designing, developing, administering and tuning security event monitoring and intrusion detection related systems including the development of correlation searches, dashboards and reports for Management and Regulatory bodies. Tunes systems if false positives are found. Develops performance metrics, trend statistical data and customized management reports for Audit, Regulatory Exams, Committee and Board reports. Consults with all departments within IT to determine how to onboard security monitoring in new technologies being introduced or upgraded in the enterprise.
• Take corrective action using the SANS stages of incident response (Preparation, Identification, Containment, Eradication, Recovery, Lessons Learned) as well as advises on remediation activities on security events escalated from Information Security Administrators and Analysts. Keeps management aware of incident status while performing deep-dive analysis by correlating data from various sources to determine if a critical system or data set has been impacted all while creates necessary Incidents, Major Incidents or Problems following the internal ITIL Processes. Communicates potential security exposures, misuse or noncompliance situations to the Information Security Manager or Information Security Officer.
• Monitors and maintains knowledge on new security trends and technologies to better position detective and preventative controls to minimize risks associated with security breaches.
• Provides guidance and education to organization employees on the concepts and needs of a security conscience culture to achieve compliance according to regulatory requirements, bank policy and industry standard to promote high levels of security knowledge or awareness.

QUALIFICATIONS:

• 5+ years’ experience working in Information Technology is required.
• 2+ years’ experience in Information Security Operations is required.
• Bachelor’s Degree 
• A high level (CISSP or equivalent) certification is preferred.
• Expertise of operation security technologies such as firewalls, intrusion detection/prevention, and other security systems.
• Testing experience as relates to application security

KNOWLEDGE, SKILL, ABILITY:

• Familiarity with end user support, and other industry-standard techniques and practices.
• Ability to present ideas in business-friendly and user-friendly language.
• Proven analytical, troubleshooting, and problem-solving abilities with a keen attention to details.
• Strong instinct to react quickly to arising problems.
• Proven ability to effectively prioritize and execute tasks.
• Strong organizational, customer service, communication and decision-making skills.
• Professional verbal and written communication skills and strong technical documentation skills.
• Ability to work with internal and external attest staff during audits, examinations and/or reviews.
• Strong interpersonal skills, and must use considerable tact, diplomacy, and judgment.
• Highly self-motivated and self-directed.

$80,000 -  $110,000 plus Great Benefits, Includes relocation assistance