Information Security Analyst

We are Hiring!

Information Security Analyst – Lowell, MA

Enterprise Bank is a growing and successful commercial bank where your talents will be recognized. Consistently being recognized both nationally and locally as a “Top Place to Work”, Enterprise Bank team members are as important to us as our core values. Join our dynamic team and experience a unique workplace culture where success is shared, and diversity is celebrated.

What You’ll Do: Enterprise Bank has an exciting opportunity in our Risk Management department. We are looking for an Information Security Analyst to join our exceptional Information Security team! Working with members of the Risk Management and Information Services Department, the Information Security Analyst will be responsible for identifying, testing, and monitoring system vulnerabilities and Information Security controls against Bank policies and regulatory requirements to ensure that customer and Bank information is properly secure.

Essential Functions and Responsibilities include:

• Reviews system logs and real time alerts for the Bank’s infrastructure to identify trends, investigate abnormalities, and report exceptions to the Bank’s Information Security Program.
• Participates in the Information Security Committee and creates meeting dashboards.
• Coordinates the Bank’s User Access Program for all systems both on premise and those hosted by third parties including but not limited to the initial set up of users, ongoing reviews, and removal of users due to terminations/separations.
• Monitors the Bank’s IT related accepted risks for adding, updating, and removing accepted risks based on changes in technology and vulnerabilities.
• Assists with the initial configuration review of third party hosted systems to determine compliance with the Bank’s policies and procedures.
• Gathers industry alerts and information from Information Security focused groups (Financial Services Information Sharing and Analysis Center, the FDIC, etc.) to alert the Information Security Committee of the potential threats and recommends action steps commensurate with the risk level.
• Monitors the configuration of bank wide applications to verify they meet the standards required by the Information Security Program.
• Updates the Information Security Program and corresponding cybersecurity policies, procedures, and controls annually based on regulatory changes, feedback from the Information Security Committee, and the results of audits and assessments.
• Coordinates the scheduled reviews of systems logs to verify appropriate system changes and employee access rights to verify alignment with job responsibilities.
• Performs scans on internal devices to identify vulnerabilities and provide guidance to system administrators for remedial actions.
• Analyzes the integrity of changes made to the Bank’s network through the Patch Management program, Change Management Program, user access changes, and system modification forms.
• Develops and conducts Information Security training for employees to make them aware of the Bank’s Information Security policies and procedures.
• Monitors team members’ adherence to the Bank’s Information Security Program through clean desk audits, phishing testing, and other testing outlined in the Information Security Testing Program.
• Research, implement, and maintain an Information Security framework through ongoing compliance monitoring of the framework.
• Develops and coordinates Information Security training for customers through the Bank’s statements and social media platforms.
• Assists with the Bank’s responses to potential cybercrime activity and data breaches according to the Bank’s Incident Response Policy.
• Assists customers with recovering from fraudulent transactions by identifying the recovery steps necessary based on the transaction type and coordinating the follow up with other departments as needed.
• Completes or participates in the preparation of risk assessments that are performed for new critical technologies, applications, or devices that are implemented, revised, and/or installed.
• Works with Information Services and system administrators to select appropriate technology vendors that support regulatory and best practice requirements and researches Information Security tools.
• Enforces the Bank’s record retention program for electronic documents and classifies these records in accordance with the Bank’s Classification of Information Policy.
• Supports the Risk Management Department with risk management related tasks as required.
• Performs all duties consistent with applicable Federal and State laws and regulations as well as Bank Policies.
• Performs other related duties as assigned.
• Exceeds customer expectations by following the guidelines outlined in the Customer Experience Program.

This position is Hybrid, Offsite, or Onsite. Candidates from MA, NH, and ME only.

Requirements:

• Five or more years experience in the Information Security field, preferably in the banking industry; and
• Bachelor’s degree (B.A.) with a focus on business and/or technology; or
• Equivalent combination of education and experience.
• Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), and/or Certified Information Security Manager (CISM) designation(s) are preferred, but not required.

If you don’t meet all the requirements, apply anyway! Our recruiting team considers your entire professional journey. Enterprise team members are made up of more than just their previous titles.

Our DEIB Value Statement: At Enterprise Bank, people and relationships come first. We encourage and foster a culture of diversity, equity, inclusion and belonging where everyone feels valued and respected. We are committed to a caring workplace that recognizes the importance of making a meaningful, positive difference in the lives of our team members, customers, and communities. Please click here to view our Inclusion website for more information and to learn more of our story and Core Values.

Benefits: We encourage every team member at Enterprise to lead a healthy and balanced life. We offer generous paid time-off programs, exceptional Tuition Assistance, College Loan Repayment, Wellness programs, Employee Resource Groups, opportunities to assist in your community as well as health, dental and life insurance coverage and a generous 401(k) match.

Enterprise Bank is an equal opportunity employer and makes employment decisions without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. EOE M/F/Disabled/Vet.

Education

• Bachelors or better in Business Administration

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)