Cybersecurity Analyst
Apply NowCompany: Merrimack Valley Credit Union
Location: Lawrence, MA 01841
Description:
FUNCTIONAL SUMMARY: Under the direction of the Vice President of Information Security, the Cybersecurity Analyst will be responsible for analyzing and monitoring computer networks and systems for security vulnerabilities and breaches. The Analyst is expected to use a range of tools and techniques to identify, assess, and prioritize security risks and provide recommendations for mitigation and remediation. Works closely with members of the Information Security, Risk, and Information Technology teams to ensure the overall security of the Credit Union.
RESPONSIBILITIES:
1. Monitor computer networks and systems for security breaches, incidents, and vulnerabilities.
2. Identify and prioritize security risks, vulnerabilities, and threats and develop plans to mitigate them.
3. Develop and implement security procedures and controls to ensure compliance with industry standards and regulations.
4. Provide Information Security reports and results for management and stakeholders as well as clearly communicating findings as required.
5. Conduct security audits and assessments of network infrastructure, applications, and systems.
6. Work with members of the Information Technology team to implement and maintain security technologies, such as firewalls, intrusion detection system, and security information and event management (SIEM) tools.
7. Stay up to date with the latest security threats, technologies, and trends to provide recommendations for continuous improvement.
8. Familiar with IAM and PAM solutions.
9. Assist in physical security activities as required.
10. Participate in incident response and disaster recovery activities.
11. Assist the Information Security and Training teams with the development and delivery training programs for employees to increase security awareness and promote best practices.
12. Investigate and analyze potential security breaches to determine the root cause and impact on the organization.
QUALIFICATIONS:
1. Bachelor's degree or equivalent experience required.
2. Four (4) years of experience in cybersecurity analysis or related field is preferred.
3. Security+, Network+, or equivalent certification is required.
4. Other relevant certifications such as CISSP, CISM, or CEH are preferred.
5. Knowledge of network and system security principles, protocols, and technologies. Includes: firewalls, intrusion detections systems, wireless systems and SIEM tools.
6. Excellent analytical and problem-solving skills.
7. Ability to work independently and in a team environment.
8. Experience with vulnerability assessment tools and techniques.
9. Familiarity with security frameworks and standards such as NIST, ISO 27001, FFIEC, CIS and PCI-DSS.
10. Strong interpersonal, written/verbal communication, organizational skills needed.
11. Demonstrated ability to deal effectively with staff is essential.
12. Flexibility of work hours, and proven reliability/dependability required.
13. Must be able to handle multiple tasks effectively and accurately.
14. Must have excellent problem-solving skills and possess a professional and positive attitude.
RESPONSIBILITIES:
1. Monitor computer networks and systems for security breaches, incidents, and vulnerabilities.
2. Identify and prioritize security risks, vulnerabilities, and threats and develop plans to mitigate them.
3. Develop and implement security procedures and controls to ensure compliance with industry standards and regulations.
4. Provide Information Security reports and results for management and stakeholders as well as clearly communicating findings as required.
5. Conduct security audits and assessments of network infrastructure, applications, and systems.
6. Work with members of the Information Technology team to implement and maintain security technologies, such as firewalls, intrusion detection system, and security information and event management (SIEM) tools.
7. Stay up to date with the latest security threats, technologies, and trends to provide recommendations for continuous improvement.
8. Familiar with IAM and PAM solutions.
9. Assist in physical security activities as required.
10. Participate in incident response and disaster recovery activities.
11. Assist the Information Security and Training teams with the development and delivery training programs for employees to increase security awareness and promote best practices.
12. Investigate and analyze potential security breaches to determine the root cause and impact on the organization.
QUALIFICATIONS:
1. Bachelor's degree or equivalent experience required.
2. Four (4) years of experience in cybersecurity analysis or related field is preferred.
3. Security+, Network+, or equivalent certification is required.
4. Other relevant certifications such as CISSP, CISM, or CEH are preferred.
5. Knowledge of network and system security principles, protocols, and technologies. Includes: firewalls, intrusion detections systems, wireless systems and SIEM tools.
6. Excellent analytical and problem-solving skills.
7. Ability to work independently and in a team environment.
8. Experience with vulnerability assessment tools and techniques.
9. Familiarity with security frameworks and standards such as NIST, ISO 27001, FFIEC, CIS and PCI-DSS.
10. Strong interpersonal, written/verbal communication, organizational skills needed.
11. Demonstrated ability to deal effectively with staff is essential.
12. Flexibility of work hours, and proven reliability/dependability required.
13. Must be able to handle multiple tasks effectively and accurately.
14. Must have excellent problem-solving skills and possess a professional and positive attitude.