Corporate Information Security Analyst I
Company: Flagstar Bank
Location: Bozeman, MT 59715
Description:
About The Role
Summary
The Information Security Analyst I position is tasked with designing, developing, administering and tuning security event monitoring and intrusion detection related systems while providing support for new analytic methods for detecting threats. Maintains knowledge on the latest intelligence and attack methodologies to take corrective actions during security incidents and is the second level escalation point for corrective action on security events from SIEM while tuning out false positives. Examines Big Data for patterns of malicious or unwanted activities in the enterprise. This position is the primary incident responder for security incidents and provides advice and mentorship to the more junior employees with regard to event detection, classification, response and recovery. This position will also do other duties as assigned and reports to the Information Security Manager.
This is a Corporate position which may be located in an available bank division across our eight-state footprint in AZ, CO, ID, MT, NV, UT, WA, or WY.
The mid-point for this position is $39.19/hour (calculated for Kalispell, MT). All compensation offers are analyzed individually and take into consideration multiple factors including but not limited to geographic location, years of experience, and educational background.
DUTIES AND RESPONSIBILITIES:
Designs, develops, administers, and tunes security event monitoring and intrusion detection related systems including the development of correlation searches, dashboards and reports for Management and Regulatory bodies. Tunes systems if false positives are found. Develops performance metrics, trends statistical data, and customizes management reports for Audit, Regulatory Exams, Committee and Board reports. Consults with all departments within IT to determine how to onboard security monitoring in new technologies being introduced or upgraded in the enterprise. Provides consulting on tactical methods to enhance monitoring and reduce attack surfaces.
Takes corrective action using the SANS stages of incident response (Preparation, Identification, Containment, Eradication, Recovery, Lessons Learned) and advises on remediation activities for security events escalated from System Administrators, Engineers, Information Security Administrators and Analysts. Keeps management aware of incident status while performing deep-dive analysis, correlating data from various sources to determine whether a critical system or data set has been impacted, and creates the necessary Incidents, Major Incidents or Problems following the internal ITIL processes. Communicates potential security exposures, misuse or noncompliance situations to the Information Security Manager or Chief Information Security Officer.
Leads postmortem Incident Response activities including lessons learned while advising on the implementation of revised or new security controls that may be needed from the Incident Response.
Monitors and maintains knowledge on new security threats, trends and technologies to better position detective and preventative controls to minimize risks associated with security breaches.
Provides guidance and education to organization employees on the concepts and needs of a security-conscious culture to achieve compliance according to regulatory requirements, bank policy, and industry standards and to promote high levels of security knowledge and awareness.
Analyzes current processes in order to determine the possible migration of some or all of a process to the Security Orchestration, Automation and Response (SOAR) system. Works with senior staff on automation implementation and tunes automated processes once developed.
Must comply with all company policies and procedures and all applicable laws and regulations, including but not limited to, the Bank Secrecy Act, the Patriot Act, and the Office of Foreign Assets Control. Must complete the assigned online training courses and achieve a passing score by the due date.
About You
QUALIFICATIONS
EDUCATION
Required
- Associates Degree in Information Technology (preferably in Information Assurance or Information Security)
Preferred
- Bachelor's Degree in Information Technology
EXPERIENCE
Required
- At least 3 years working in IT, specializing in Information Security Operations including the development of playbooks and/or procedures.
- Proficiency in Enterprise Windows Server and/or Linux/BSD/Unix Administration as well as Enterprise network routing and switching.
- Knowledge of common information security management frameworks, such as ISO 27001, ITIL, COBIT, NIST and CSIS 20 Critical Security Controls.
- Expertise in operational security technologies such as firewalls, intrusion detection / prevention, SIEM, SOAR, PAM and other security systems.
- Strong understanding of Internet protocols.
Preferred
- Two years of experience with Big Data analytics platforms such as Splunk.
LICENSE/CERTIFICATION
Required
- One entry-level certificate such as a CompTIA Security+, SANS GIAC Security Essentials (GSEC) or ISACA Cybersecurity Fundamentals.
- Required within 1 year: One or more advanced certificates such as a CEH, ISACA CISM, CSX-P; ISC2 CISSP; SANS GIAC Information Security Professional (GISP), GIAC Security Operations Certified (GSOC) or CompTIA Advanced Security Practitioner (CASP+).
Preferred
- One or more advanced certificates focused upon the cybersecurity fields of Forensics, Threat Intelligence or Incident Handling.
KNOWLEDGE, SKILL, ABILITY:
- A significant level of trust, credibility and diplomacy is required. In-depth dialogues, conversations and explanations with customers, direct and indirect reports and outside vendors can be of a sensitive and/or highly confidential nature. Communications may involve motivating, influencing, educating and/or advising others on matters of significance.
- Strong experience in network packet and vulnerability analysis while creating an action plan to resolve issues or incidents that are discovered.
- Ability to perform advanced system troubleshooting on various Information Technology and Information Security products.
- Ability to translate security policies and procedures into actionable SIEM correlation searches, SOAR automation, alerts, dashboards and reports.
- Knowledge of applicable practices and laws relating to data privacy and protection.
- Ability to present security topics to audiences of various degrees of technical and business backgrounds.
- Ability to create effective Security Awareness Training content.
- Familiarity with end user support, and other industry-standard techniques and practices.
- Ability to present ideas in business-friendly and user-friendly language.
- Proven analytical, troubleshooting, and problem-solving abilities with a keen attention to details.
- Strong instinct to react quickly to arising problems.
- Proven ability to effectively prioritize and execute tasks.
- Strong organizational, customer service, communication and decision-making skills.
- Ability to work with internal and external attest staff during audits, examinations and/or reviews.
- Strong interpersonal skills, and must use considerable tact, diplomacy, and judgment.
- Highly self-motivated and self-directed.
WORK ENVIRONMENT:
Must be able to routinely perform work indoors in climate-controlled shared work area with moderate noise level.
Must be capable of up to 10% travel (e.g. 2 days/month) by automobile (as driver and passenger), commercial airlines, rental vehicles and public transportation and be able to lodge in public facilities. Travel will be necessary to conduct the duties of this job, and the employee must have the ability to drive and have proper licensing.
PHYSICAL DEMANDS: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
While performing the duties of this job, the employee is often required to: sit; use hands in repetitive motions to finger, grasp, handle or feel; and talk or hear. The employee is occasionally required to: stand; walk; and lift or reach with hands and arms.
Must be able to operate routine office equipment including computer terminals and keyboards, telephones, copiers, facsimiles, and calculators. Must be able to routinely perform work on computer for an average of 6-8 hours per day, when necessary. Must be able to work extended hours or travel off site whenever required or requested by management. Must be capable of regular, reliable and timely attendance. Must be capable of climbing / descending stairs in an emergency situation.
Specific lifting abilities required by this job include: Light work. The employee is constantly required to stand and walk. Exerting up to 25 pounds of force occasionally, and/or up to 10 pounds of force frequently, and/or a negligible amount of force constantly to move objects. If the use of arm and/or leg controls requires exertion of forces greater than that for sedentary work and the worker sits most of the time, the job is rated for light work. Occasional: Medium work. Exerting up to 50 pounds of force and/or up to 25 pounds of force frequently, and/or up to 10 pounds of force constantly to move objects.
Specific vision abilities required by this job include: The worker is required to have close visual acuity to perform an activity such as: preparing and analyzing data and figures; transcribing; viewing a computer terminal; extensive reading; visual inspection involving small defects, small parts, and/or operation/inspection of machines and/or using measurement devices at distances close to the eyes.
What We Offer
COMPENSATION & BENEFITS: Salary is dependent upon relevant experience. We offer an extensive benefits package that includes, but is not limited to, flexible health coverage options: medical/dental/vision (partially employer paid with competitive premiums), health rewards program, possible employer contribution to a Health Savings Account, Employee Assistance Program (EAP); life insurance; 401K retirement plan with immediate vesting (up to 3% employer match, 3% automatic employer contribution, and profit sharing); discounted banking products and services; paid vacation/sick days, and paid holidays.
COMPANY OVERVIEW: At Glacier Bancorp, our employees are our most valuable asset. We seek qualified individuals who enjoy people, are innovative and eager to learn. We are dedicated to providing opportunities for personal advancement and professional growth by investing in the tools and training needed to build a personalized career path for you.
Glacier Bancorp, Inc. is a regional bank holding company headquartered in Kalispell, Montana with assets greater than $11 billion, operating in numerous community bank divisions across 7 states (Montana, Idaho, Utah, Washington, Wyoming, Colorado and Arizona). We pursue a community banking philosophy, emphasizing personalized service combined with the full resources of a large banking organization. Over the years, Glacier Bancorp has received numerous awards for stability and soundness, and has repeatedly ranked among the top 10% in the nation for financial strength.
We are an Equal Opportunity Employer and qualified applicants or employees will receive consideration for employment without regard to race, color, religion, national origin, sex (including pregnancy), sexual orientation, gender identity, mental or physical disability, age, genetic information, protected veteran status, or any other category protected by applicable federal, state or local laws.
Glacier Bancorp, Inc. does not sponsor applicants for work visas. All applicants must be legally authorized to work in the US.
No Recruiters or unsolicited agency referrals please.