Job Title

This incumbent will provide Security Services and Cyber Defense functions as required to fulfill the Bank's information security program requirements. This incumbent will provide support to Security Architecture, Security Engineering, Security Operations, Identity & Access Management, Threat Management, Vulnerability Management and Penetration Testing functions.Job Responsibilities include but not limited to:Security Architecture, Security Engineering & Security OperationsProvide Security Standards and requirements for all in-house and Third-Party applications being built or procured by the BankProvide support and expertise to IT to find security solutions that meet requirementManage assigned security monitoring tools for daily security monitoring which includes but not limited to: network devices, platforms, databases, applicationsDesign, configure and enhance assigned security tools for effective security event monitoring and escalate accordinglyConduct assigned security tools rule and configuration validation and monitored devices recertificationIdentify and escalate security issues and assist in cybersecurity incident investigationsPerform regular maintenance of assigned security tools including software upgrades, license updates and fine tuning of rules and configurationThreat Management, Vulnerability Management & Penetration TestingConduct threat assessment and modeling as requiredConduct vulnerability scans of internal and external networkPresent results to IT and partner to perform analysis, set criticality levels and assign timelines for remediationProvide oversight of IT remediation, track and report all findings to the Information Security CommitteeCoordinate penetration testing exercises in collaboration with ITPresent results to IT and partner to perform analysis, set criticality levels and assign timelines for remediationProvide oversight of IT remediation, track and report all findings to the Information Security CommitteeIdentity & Access ManagementConduct User Recertification & Access Reviews throughout all BOC applications on a periodic basisJob RequirementsBachelor's degree in Business, Computer Science, Management Information Systems, Engineering, Mathematics, or related field is requiredMinimum 1 years of work experience in Information security, cybersecurity, vulnerability management, security architecture, network, security tools and computer systems administrationMinimum 1 years of experience in risk managementGood understanding of regulatory requirements including FFIEC, GLBA, NISTKnowledge of Information security and cyber security best practicesKnowledge of systems administration such as Windows Server, Active Directory management, Firewall, UNIX system, network architectures, etc.Knowledge of security tools such as SIEM, DLP, XDR, EDR, Web Filter etc.CISSPCRISC or IT related certifications preferredThe salary range for the Associate position is $42,000 - $90, 0000 per year. Actual salary is commensurate with candidate's relevant years of experience, skillset, education and other qualifications.