Information Security Analyst

Mineola/Rockefeller Center, NY

ABOUT US:

Hanover Bank – When you love your work and the people you work with, careers are made!

Embracing diversity, valuing inclusion and showing respect are the foundation upon which we build our team. At Hanover Bank, inclusion means respecting personal beliefs and appreciating that we all have perspectives that matter. We are stronger together as we move toward a shared vision of personal and corporate growth.

Whether you are just starting out or a seasoned professional, working for Hanover Bank can launch you on a path to success. With a passion for excellence, we strive to deliver exceptional service to our clients, foster a positive impact in the communities in which we work and live and help our team members achieve their professional goals.

When you work with us you are empowered, engaged and encouraged to collaborate because every voice matters, every person counts!

Job Summary

Hanover Bank is looking for a full-time Information Security Analyst to join our team. The Information Security Analyst will report directly to the Information Security Officer (ISO) and assist in the planning, implementing, and maintaining the Bank's information security program to ensure the confidentiality, integrity, availability, and assurance of information managed by the Bank. The Information Security Analyst will work with the ISO to ensure the security program, policies, and procedures are in accordance with Federal and New York State mandates and guidelines. The Information Security Analyst will perform risk assessments, evaluations of appropriate security controls, security awareness, project and product development consultation, incident response program management, and be proactive with compliance concerning industry regulations related to information security. The Information Security Analyst will ensure the proper security controls and monitoring techniques are in place to protect the Bank's Network from security breaches. Job functions include managing the business continuity plan, working directly with IT on security systems, enhancing security awareness, incident response management, and responding to audits as required.

Essential Job Duties and Responsibilities

• Assist the Information Security Officer in the development and maintenance of the Information Security Program that conforms to mandates and guidelines outlined in Gramm-Leach-Bliley Act, Federal Deposit Insurance Corporation Improvement Act (FDICIA), Sarbanes-Oxley, Federal Financial Institutions Examination Council (FFIEC), Fair and Accurate Credit Transactions Act (FACTA), and the Department of Financial Services Cybersecurity Requirements (23 NYCRR 500) including data classification, information security asset risk assessments, incident response, monitoring and testing.
• Develop and maintain information security risk assessments designed to evaluate inherent risks, controls, and residual risks.
• Develop and maintain the necessary security tools to monitor and alert security-related vulnerabilities and breaches which can lead to compromising the Bank's Network.
• Develop and maintain proper incident alerting, escalation, and response policies and procedures for security-related issues.
• Work closely with Information Technology on the security controls and remediation of security-related issues.
• Ensure that appropriate security controls are considered during vendor selection and development efforts.
• Produce security reports to include current security state KPI metrics and trend analysis.
• Ensure access to information systems is controlled, both internally and externally, proportionate to the level of potential risk.
• Research the latest information technology (IT) security trends and recommend security enhancements to improve the bank's security posture.
• Work with various departments to ensure proper data classification.
• Work with the Information Security Officer on maintaining the Bank's business continuity plan which includes testing as required and working with the various departments on business impact analysis (BIA) / business continuity plan (BCP) updates.
• Assist the Information Security Officer in the review of Information Technology changes to ensure that they meet security best practices.
• Enhance employee security awareness by providing updated security-related educational material, the use of phishing campaigns, and providing presentations to ensure the understanding of their obligations and responsibilities within the objectives of the information security policy and program.
• Coordinate incident response planning and reporting for information security activities.
• Assist the Information Security Officer with the management and oversight of the Bank’s business continuity plan and program.
• Monitor regulations and technology trends that affect financial institutions. Evaluate compliance and develop plans for compliance with regard to information security.
• Respond to audit requests as required.
• Perform all other duties as assigned.

Education and Experience

• Bachelor’s degree in computer sciences or related field or equivalent experience/certification.
• Professional information security certification such as Certified Information Systems Security Professional (CISSP) or Certified in Risk and Information Systems Control (CRISC) preferred or equivalent experience/certification.
• 1-3 years of experience implementing, managing, or governing security technologies.

Skills and Abilities

• Excellent problem-solving, analytical skills, and detail-oriented.
• Strong interpersonal skills and the ability to effectively communicate and articulate complex technologies in easy-to-understand terminology.
• Strong Technical Knowledge in the following areas: network security, cloud security, endpoint security, application security, and security information and event management (SIEM), security operation center (SOC) systems.
• Knowledge of security operations and procedures.
• Ability to adapt to the changing information technology landscape.
• Knowledge of business continuity planning and disaster recovery testing.
• Ability to perform vendor and system cybersecurity risk assessments.
• Ability to perform information security awareness programs.
• Ability to prioritize and execute tasks within their required time frames.

Our Benefits:

Health & Wellness Benefits

• Medical, Dental, and Vision insurance (with HSA, FSA, and Commuter Benefits options)
• Company-paid Life Insurance and Accidental Death & Dismemberment (AD&D)
• Company-paid Long-Term Disability Insurance

Voluntary Benefits

• Additional Life and AD&D Insurance for employee, spouse, and dependents
• Voluntary Short-Term Disability Insurance
• Pet Insurance
• Legal Services Plan
• Accident Insurance
• Hospital Indemnity Insurance
• Cancer Care Insurance

Retirement

• 401(k) Plan with Company Match

Time Off & Recognition

• Paid Personal Time Off (PTO)
• Paid Company Holidays
• Annual Performance Bonuses
• Annual Salary Increases

Employee Engagement

• Company-sponsored Events
• Employee Contests and Recognition Programs

Hourly Rate: $22.00- $31.00; placement within this range will vary based on experience and skill level.

Hanover Bank is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.