Full-time
Information Security Analyst - BAC Florida Bank - Coral Gables, FL

OVERVIEW: The above position’s role within the Bank is to assist with the management and oversight of the Information & Corporate Security Program (ICSP). The main objective of these programs is to protect the Bank and its customers non-public information (NPI) and information assets (systems, software) as well as physical assets and employees from external as well as internal threats. This position working under the management of the Information and Corporate Security Officer, under the Risk Management area.High Level Duties & Responsibilities:Assist with the oversight and management of the following high-level programs:Information Security ProgramThird Party ManagementUser Access ReviewsPhysical SecurityAssist with the management and oversight the Information Security Program to include (not limited to):Assist with the monitoring and reviewing of Logical Access Controls, to ensure they are performing as intended (Management, Authentication, Authorization, and Protection)Processes in place to add, modify or delete employee, member or third party access privileges at the network, operating system, application and database levelsMethods used to authenticate users (passwords, tokens, smart cards, certificates, etc.)System capabilities, such as update versus read-only accessRole-based access and functional segregation of dutiesUse of encryption during the input, transmittal and storage of sensitive dataAssist with the monitoring and reviewing of Physical Access ControlsProcesses designed to limit access to the computing resources, data centers, servers, workstations, etc., to prevent data tampering, loss or theft.Devices might include badges, access cardsAssist with the monitoring and reviewing of Administration Procedures and ControlsProcesses designed to limit access to the computing resources, data centers, servers, workstations, etc., to prevent data tampering, loss or theft.Devices might include badges, access cardsAssist with the monitoring and the use of Bank Computing Assets by employeesPolicy & Procedures on the appropriate use of electronic mail, the Internet, and organizational assets by employees.Assist with the monitoring and reviewing of Network and Communication SecurityProcedures on the hardware and system software “defences” to be used by the organization to monitor, detect and report unauthorized attempts to access internal systems. These might include firewall implementation, configuration and monitoring, intrusion detection and incident response proceduresAssist with the monitoring and reviewing of Server /Desktop Computer SecurityAssist with the monitoring and reviewing of Third Party Management ProgramAssist with the management and delivery of Security Awareness TrainingAssist with the management and reviewing of bank processes and procedure to ensure compliance with FFIEC/GLBA/FDIC RegulationsAdditional items be to be considered as part of the role: Web Server Configuration(s);Operating, Network, Application and Database System Security Configurations;Checkpoint Firewall Configurations (rule bases, configuration, etc.);Router/Switch Configurations;Physical Security Access Controls Reports;Monitoring & Alerting Reports;Assist with maintaining all documents to evidence the effectiveness of the ISO programAssist with the preparation any Board reportsPart of Risk Management team & structureJob Requirements:Basic understanding and introductory experience in internal controls over systems, networks and data base management.Good working understanding of Information Technology operations, communications, software management and security over those operations.Understanding of the security management over hard assets such as computers, laptops and desktops.Minimum of a Bachelor of Science in Information Technology, Information Security, or closely related field of study.Certification in the following would be preferable:Security+: CompTIA Security+MCP: Microsoft Certified ProfessionalLanguage Skills: English and SpanishNote: This preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.Equal Opportunity/Affirmative Action Employer, M/F/V/DSearch for this job, NO EMPLOYMENT AGENCIES, HEAD HUNTERS, EXECUTIVE SEARCH FIRMS OR REPRESENTATIVE CALLS PLEASE.Job Type: Full-timeExperience:Regulations: 1 year (Preferred)Evidence: 1 year (Required)Information Security: 1 year (Preferred)Procedure: 1 year (Preferred)Benefits offered:Health insuranceDental insuranceEducation assistance or tuition reimbursementRetirement benefits or accountsPaid time offGym memberships or discountsOthers

Expired, click here to search for relevant jobs

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.