This position is located in downtown Salt Lake City, UT. Candidates must be able to reliably commute to or relocate to this area without the assistance of the Employer. Thank you.
IT Security and Risk Analyst
Overview
We are seeking a dedicated and detail-oriented Information Security and Risk Analyst to join our team. In this role, you will be responsible for safeguarding our organization's information systems and ensuring the integrity, confidentiality, and availability of data. You will work closely with IT teams to implement security measures, monitor systems for vulnerabilities, and respond to incidents in a timely manner. The ideal candidate will have a strong understanding of IT infrastructure and a passion for cybersecurity.
Responsibilities
- Monitor network traffic for suspicious activity and potential threats.
- Conduct vulnerability assessments and penetration testing to identify security weaknesses.
- Implement security policies, standards, and procedures in compliance with industry regulations.
- Collaborate with IT teams to ensure secure configurations of servers and applications.
- Respond to security incidents and breaches, conducting thorough investigations and reporting findings.
- Maintain documentation related to security incidents, policies, and procedures.
- Stay up-to-date with the latest security trends, threats, and technology solutions.
- Provide training and awareness programs for employees on information security best practices.
- May support the annual test of Business Continuity and Disaster Recovery Plans.
- May provide support to system upgrades and updates.
- May support employee information systems training (including hardware, software, and security training).
- Respond after hours to remediate issues or incidents.
- Other duties as assigned.
Skills
- BS in Computer Science, Computer Engineering, Information Systems, Information Technology, or comparable experience. Graduate degree preferred.
- 5+ years’ experience in Cybersecurity, information technology, IT risk management, or IT audit preferably in a banking/finance industry.
- GIAC, ISC2, ISACA or other recognized certifications preferred.
- Experience implementing and maintaining cybersecurity controls, preferably in the financial industry.
- Knowledge and understanding of NIST, CIS, FFIEC, PCI, SOC II, ISO, and other industry standards.
- Experience securing cloud technologies (Azure, AWS, Google).
- Experience in IT Audit and/or IT Risk Assessment.
- Experience supporting Information Security functions.
- Experience with Jira or other ticketing systems.
- Excellent communication skills.
- Strong financial and analytical capabilities.
- Ability to identify and problem solve many different issues.
Personal Attributes
- Sound sense of responsibility, diligence and commitment to position and company values.
- Strong interpersonal skills, ability to communicate and manage well at all levels of the organization and with staff at remote locations essential.
- Solid problem solving and creative skills and the ability to exercise sound judgment and make decisions based on accurate and timely analyses.
- High-level of integrity and dependability with a strong sense of urgency and results-orientation.
- Competent life-long learner to stay current and conversant with technologies necessary to run a financial organization.
Join us in our mission to protect our digital assets while fostering a culture of security awareness throughout the organization. If you are passionate about cybersecurity and eager to make a difference, we encourage you to apply.