IT Security Analyst II
Wellby
It's fun to work in a company where people truly BELIEVE in what they're doing!
We're committed to bringing passion and customer focus to the business.
Position Summary:
The IT Security Analyst II primary role will be to utilize resources and tools to help protect Wellby's computer networks and information. This is accomplished by providing the highest quality experience for internal and external members. Also, the role is responsible for ensuring security events are contained and remediated by enforcing security policies through monitoring systems and bringing security awareness education to team members. The analyst works closely with all Information Technology functions, business units, and the IT management teams to ensure risks uphold the confidentiality, integrity, and availability of the Wellby's information assets are mitigated.
Principal Duties and Responsibilities
•Willingness and ability to exhibit Wellby's Core Values every day.
•Works with purpose and is driven to provide the best team member experience.
•Monitors security information and event management (SIEM) tools to detect and respond to security incidents, indicators of compromise, and breaches.
•Analyzes security incidents, indicators of compromise, and breaches, to determine their impact, origin, and resolution.
•Coordinates with IT teams and vendors to address and mitigate identified security threats.
•Conducts vulnerability assessments, penetration tests, and system hardening assessments to identify and address security weaknesses on an ongoing basis.
•Monitors security patches and updates to ensure system integrity.
•Collaborates with IT teams and vendors to ensure secure configuration and deployment of systems and applications.
•Analyzes security requirements for new systems, applications, and vendors.
•Recommends additional security measures and controls.
•Identifies hardware and software that are nearing the end of support.
•Promotes a culture of security awareness through training, education, and ongoing communication.
•Reviews violations of security processes and procedures.
•Keeps abreast of security best practices, new or improved security technologies, and cyber-threat intelligence and attack vectors.
•Monitors and restricts sensitive, confidential, or high-security data access.
•Participates in cyber-based risk assessments, audits, tests, and assessments to ensure the proper functioning of data processing activities and security measures.
•Helps to enforce security policies and procedures.
Monitors the environment to ensure that applicable security-related compliance frameworks are being followed.
•Works effectively in a team atmosphere to perform duties and achieve daily operational goals.
•Meets productivity standards in accordance with Wellby's confidentiality policies and organizational values.
•Responsible for all information concerning the Bank Secrecy Act, including:
- Reporting all suspicious activity to the BSA Officer.
- Attending required annual BSA training.
Knowledge, Skills, and Abilities (KSA)
- Knowledge of Wellby's organizational functions and general operating policies and procedures.
- Knowledge of systems/computer field, including application design, hardware, software, and capabilities and limitations.
- Knowledge of network security resources such as intrusion prevention, network access control, port security, and network isolation techniques.
- Knowledge of endpoint threat detection and prevention technologies.
- Knowledge and understanding with SIEM platforms.
- Knowledge and understanding of data loss prevention and data governance tools.
- Knowledge and understanding of open-source penetration tools and threat-hunting platforms.
- Knowledge and understanding of TCP/IP, networking, routing, ACLs, and network devices.
- Knowledge of common programming languages is encouraged.
- Ability to work in a fast-paced team environment with exceptional member service skills.
- Ability to communicate clearly and concisely, orally and in writing.
- Ability to motivate others and to work in a large cross-functional team dynamic.
- Ability to efficiently understand and follow oral and written instructions, perform routine duties without close supervision, and establish and maintain effective working relationships with other team members.
- Ability to coordinate several concurrent activities simultaneously.
- Ability to explain technical information in understandable language to non-technical team members.
- Ability to develop, interpret and apply program regulations.
- Team member has no supervisory responsibilities.
- The team member performs a number of routine and generally related tasks without supervisory direction.
- The team member may make decisions regarding unusual circumstances on occasion.
- Tasks may occasionally have to be coordinated, integrated, and/or prioritized.
- Courses of action are determined by established procedures and/or the Director of Cybersecurity.
- The team member's work is reviewed periodically for accuracy, completion, and compliance with Wellby's policies and procedures.
- The team member uses independent judgment in making decisions.
- The physical demands and work environment characteristics described here represent those that a team member must meet to perform the essential functions of this position successfully. Reasonable accommodations may enable individuals with disabilities to perform essential functions.
- To perform this job successfully, the team member is frequently required to remain in a stationary position 50% of the time. Daily movements include sitting, standing, reaching, and grasping; operating computers and other office equipment; moving about the office; and attending possible onsite and offsite meetings.
- The team member must be able to exchange information, in person, in writing, and via telephone. Some degree of stress results from contact with management and other team members.
- The ability to observe details at close range (within a few feet of the observer).
- Must be able to occasionally lift items weighing up to 15 pounds across the office and load them onto shelves for various needs.
- The noise level in the work environment is usually moderate.
- Work involves the typical risks and discomforts associated with an office environment but is usually in an adequately cooled, heated, lighted, and ventilated area.
- Bachelor's degree is required.
- Minimum three (3) to five (5) years of experience in information security or information technology. One year of relevant work experience may be substituted for one year of required education.
- One or more current industry-recognized information security certifications are highly desirable.
- Bondable
For All Candidates:
This is a Full-Time, Salary (exempt) role.
Wellby is an equal opportunity and affirmative action employer and gives consideration for employment to qualified applicants without regard to race, color, religion, sex, national origin, age, disability, genetic information, sexual orientation, gender identity or expression, pregnancy, veteran status, or any other legally protected characteristic. If you would like more information about your EEO rights as an applicant under the law, please contact Human Resources.
Wellby provides equal opportunity to qualified individuals with disabilities and disabled veterans. If you need reasonable accommodation, please email [email protected] or call 281-###-#### for assistance.
Disclaimer
The statements herein are intended to describe the general nature and level of work being performed by team members and are not to be construed as an exhaustive list of responsibilities, duties, and skills required of personnel so classified. Furthermore, they do not establish a contract for employment and are subject to change at the discretion of the Company.
About Us
WellbyCompany Information
WellbyWebster