IT Security Analyst I

Overview

The IT Security Analyst I is responsible for supporting the Bank's IT Security preventative and reactive measures including but not limited to Technology governance, risk, and compliance. IT governance-related duties include ensuring security controls are in place, effective, and that risks are recorded and actively being managed.

Other tasks include configuration management, asset management, patch management, software / hardware lifecycle, threat intelligence, user activity monitoring, and reporting thereof. This role is expected to be fully aware of the Bank's security goals as established by its stated policies, procedures and guidelines and to actively work towards upholding those goals. Other duties include collaboration with senior IT Security personnel to optimize security tools and processes. Performs any functions, within scope of authority and expertise, to provide the highest level of service and responsiveness to customers and co-workers. This is a Hybrid work schedule, 3 days in the office and 2 days remote in Massachusetts.

Responsibilities

IT Governance

• Maintain the Bank’s IT security program control framework to ensure compliance with industry standards (NIST, CIS, FFIEC) and MSB’s IT security control requirements.
• Develop systems and processes for identifying, managing, and reporting risks.
• Provide governance, risk, and compliance data insights to drive improvement across the IT system.
• Compile metrics / reporting for the weekly IT Governance report. Facilitate weekly presentation to stakeholders.
• Design and implement security controls for our infrastructure and critical systems.
• Assigns responsibility for IT Governance related issues and tracks them to resolution.
• Continually working to improve the Banks overall security posture.
• Track and understand emerging security practices and threats. Leverage this knowledge to improve security configurations across the enterprise and hunt for potential or active t threats.
• Manage daily volume of offline computers. Triage and resolve issues so computers can join network and be managed.
• Reconcile asset type risk scores regularly and report metrics and issues to IT Division.

IT Security Control Programs

System & Application Administration

Requirements

Education

Work Experience

Additional Requirements

Experience with managing and securing Microsoft Windows or Linux is preferred.

Working knowledge of IT security controls and how to determine their effectiveness.

Knowledge, Skills, and Abilities

Understanding of common security technologies and functions (Endpoint AV, Patch Management, Encryption, Vulnerability Scanning, etc.)

Working knowledge of common operating systems (Windows, Linux, etc.) and basic endpoint security principles

Passion and enthusiasm for Cyber Security

Demonstrates excellent communication, facilitation, efficient decision making and problem solving skills

Licenses and Certifications

Expected Pay Range

From : $62,682

To : $111,280

The pay range is the salary we in good faith expect to pay for this role at the time of posting. Actual compensation paid may fluctuate higher or lower than the posted range and the range may be modified in the future due to several factors including, but not limited to, relevant experience, certifications, and qualifications, internal equity, adjustments to the requirements and responsibilities of the job, business needs, and economic and market data.

EEO Statement

Middlesex Savings Bank is an Equal Opportunity Employer / protected Veterans / Individuals with Disabilities

Join our Talent Community!

Join our Talent Community to receive updates on new opportunities and future events.

Location US-MA-Westborough

Req # 5583

Category IT / Operations - Information Security

Position Type Full Time

Standard Working Hours Monday - Friday 8 : 00am to 5 : 00pm