Information Security Associate

Salary Range: $70,000 - $78,000

PRIMARY RESPONSIBILITY:

The Information Security Associate is responsible for compliance monitoring and reporting on the Bank’s information security program.

This role also has responsibility for tasks related to the Bank’s business continuity and physical security programs.

 

ESSENTIAL FUNCTIONS:


* Develop content and train employees on information security, business continuity, and physical security practices. 


* Investigate reported phishing attempts.

Determine and take appropriate actions to mitigate risk.


* Oversee phishing campaigns, track failures, and provide remedial training.


* Investigate reported security incidents to determine the damage and take appropriate action.

Thoroughly document the results of the investigation and ensure appropriate actions are taken.


* Perform monitoring related to data exfiltration and encryption.


* Manage the access review process to ensure user access is appropriately provisioned.



* Manage the annual vulnerability/penetration and social engineering testing process by working closely with third-party service providers.



* Collaborate with Information Technology to detect and mitigate vulnerabilities.


* Manage the Bank’s record retention process to ensure data is properly stored and destroyed as required.


* Respond to physical security alarms and business continuity events.

Determine and take appropriate action.


* Ensure access and alarm systems are properly setup and kept up to date.


* Perform risk assessments related to information security, business continuity, and physical security.


* Develop and implement plans and procedures related to information security, business continuity, and physical security.


* Prepare reports for management and the Board.



* Gather and provide requested documentation for audits and exams.



* Maintain current knowledge of state and federal information security requirements and best practices.


* Maintain an understanding of emerging information security issues and work with management to address challenges.



* Actively participate in demonstrating the behaviors outlined in The GRB Experience.


* Meet expectations in performance, productivity, and quality standards.


* Perform other duties as assigned.

 

EDUCATION AND EXPERIENCE:

Associate’s degree in technology or a related field plus a minimum of two years of related work experience, or the equivalent combination of education and experience.


* A solid understanding of best practices related to data security, phishing, encryption, passwords, and authentication is required.

 

COMPETENCIES:


* Provide a remarkable client experience.

Greet clients with warmth, genuine interest and a smile.


* Lead by example.

Identify current or potential problems, take ownership and see them through to resolution.


* Act as a unified team.

Possess strong interpersonal skills in...