Information Security Analyst Iii

Great employees are essential to maintaining the confidence our customers place in us. FGB believes that our employees are our greatest asset as demonstrated in their professionalism and dedication. We encourage open communication and strive to cultivate an environment in which our employees will contribute new ideas and innovations that will help us excel. As we grow, we want YOU to join our team to help fulfill our mission of serving the banking needs in our local communities.
Our full-time employees are eligible for amazing benefits including medical, dental, vision, and basic life/AD&D insurance, prescription drug benefits, long term disability, and salary continuance (short-term disability). In addition, they get paid holidays, paid vacation and sick leave, a tuition reimbursement program, 401k, section 125 cafeteria plan, and the opportunity to earn FGB stock grants. Apply today to enjoy these benefits and more!
Position Summary
The Information Security Analyst III will plan, design, monitor, and work with various functions across the organization to ensure the bank maintains a robust Information Security Program. The Information Security Analyst will support security controls, vulnerability management, cyber security defense, monitoring, and analysis using various security tools, software, and processes. This position will assist and support the business, IT, and stakeholders to ensure that all technology projects and efforts securely meet their objectives.
Essential Duties and Responsibilities

1. Lead the Coordination and Strategic Execution of IT Security Projects: Act as the primary subject matter expert (SME) within the organization, guiding cross-functional teams through complex security initiatives.
2. Oversee and Enhance the Vulnerability Management Program: Direct the identification, assessment, and mitigation strategies for system and network vulnerabilities, ensuring continuous improvement and compliance with industry standards.
3. Strategically Assess and Elevate Security Postures: Regularly evaluate the organization's and commercial partners' security programs against FFIEC and NIST guidelines, driving enhancements where necessary.
4. Direct SIEM and Security Monitoring Operations: Lead the monitoring of security systems for signs of compromise, orchestrating prompt and effective response strategies to safeguard organizational assets.
5. Mentor Staff on Security Best Practices: Provide expert guidance to both technical and business teams on the implementation of robust security controls, fostering a culture of security awareness.
6. Manage and Lead Security Projects Across the Organization: Take ownership of security projects, demonstrating project management excellence and cross-functional leadership to achieve strategic security objectives.
7. Champion Privileged Account Security Management (PAM): Spearhead the administration and continuous refinement of PAM practices, ensuring the highest level of access control and risk mitigation.
8. Innovate Security Monitoring Solutions: Architect and implement sophisticated mechanisms for monitoring login events and security indicators across diverse information systems, enhancing organizational resilience.
9. Lead Security Incident Analysis and Remediation: Conduct advanced analysis of security logs to identify threats and spearhead the remediation of identity-related security events.
10. Drive Process Improvement and Efficiency: Critically analyze and improve security-related processes, leveraging your expertise to streamline operations and enhance security measures.
11. Develop and Automate Security Monitoring Tools and Processes: Create innovative tools and processes for security monitoring, focusing on automation to increase efficiency and coverage.
12. Strategically Harden Information Systems: Provide leadership in the fortification of critical infrastructure, including workstations, servers, and cloud environments, against evolving cyber threats.
13. Evaluate and Enhance Third-Party Security Practices: Conduct thorough assessments of vendors and partners' security measures using SOC 2, open-source intelligence, and other relevant information, guiding them towards best practices.
14. Lead Enterprise Risk Management Initiatives: Play a pivotal role in identifying, assessing, and mitigating enterprise risks, aligning security strategies with organizational objectives.
15. Command Incident Response and Forensic Investigations: Lead high-stakes incident response operations and forensic investigations, ensuring a swift, coordinated response to security incidents.
16. Establish and Refine Security Standards and Architectures: Guide the development and refinement of comprehensive standards and architectures for encryption, access control, data protection, and incident response, ensuring they meet or exceed industry best practices.

Minimum Qualifications (Education, Experience, Skills)

• 6 or more years' experience related to Information Security
• Strong IT skills in compute, storage, and networking

Preferred Qualifications (Education, Experience, Skills)

• Working knowledge of Python / Powershell
• Industry recognized certification (GIAC, Security+, AZ, AWS, or equivalent)
• Experience with Azure, AWS, and Microsoft 365
• SIEM analysis and proactive threat hunting

Physical Demands and Work Environment
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform the functions. While performing the duties of this position, the employee is regularly required to talk and hear. The employee frequently is required to use hands or fingers, handle, or feel objects, tools, or controls. The employee is occasionally required to stand; walk; sit; reach with hands and arms; climb or balance; and stoop, kneel, crouch, or crawl. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this position include close vision, distance vision, color vision, peripheral vision, and the ability to adjust focus. The noise level in the work environment is usually moderate.
This job description in no way states or implies that these are the only duties to be performed by the employee(s) incumbent in this position. Employees will be required to follow any other job-related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments. All duties and responsibilities are essential functions and requirements and are subject to possible modification to reasonably accommodate individuals with disabilities. To perform this job successfully, the incumbents will possess the skills aptitudes and abilities to perform each duty proficiently. Some requirements may exclude individuals who pose a direct threat or significant risk to the health or safety of themselves or others. The requirements listed in this document are the minimum levels of knowledge, skills, or abilities. This document does not create an employment contract, implied or otherwise, other than an "at will" relationship.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)