Information Security Analyst I

• Oversee and validate the effectiveness of security controls and configuration baselines implemented by first line teams. Regularly review security documentation and operational practices to ensure alignment with regulatory requirements, industry standards, and organizational policies. Recommend improvements to control frameworks and support the development and maintenance of security policies, standards, and procedures.
• Review and validate reports and metrics provided by first line teams to assess the effectiveness of security solutions and controls. Analyze trends and findings to identify systemic risks or gaps and collaborate with operational teams to ensure timely remediation and continuous improvement. Prepare independent summaries and recommendations for management based on oversight activities.
• Maintain up-to-date detailed knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors. Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security. Assist in the deployment, integration, and initial configuration of all new security solutions and any enhancements to existing security solutions in accordance with standard best operating procedures and the enterprise’s security documents.
• Assist in investigations of security incidents and problematic activities to help identify root causes and recommend corrective actions. Contribute to the development and delivery of information security awareness training programs for all organizational levels, including new hire orientation and ongoing awareness campaigns. Perform additional responsibilities as assigned to support the overall security objectives of the organization.
• Participate in the planning and design of enterprise security architecture, under the direction of the Information Security Manager. Assist in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the CISO. Contribute to the planning and design of an enterprise Business Continuity Plan and Disaster Recovery Plan, under the direction of the CISO.

 Minimum Qualifications:

Second year college student focusing on Information Technology or Information Security

Two to four years related experience or equivalent combination of education and experience

Security related certifications such as: Security +, CISA, CISSP, CRISC, CISM, GRCP, CCSP, CGEIT are strongly desired

Eligibility requirements may differ for each benefit or program.National Cooperative Bank, N.A. is an Equal Employment Opportunity Employer (EOE/AA)