POSITION: SENIOR INFORMATION SECURITY ASSURANCE ANALYST
The Senior Information Security Assurance Analyst, under the direction of the Information Security Officer, is responsible for assisting in the development and implementation of the information security policies, procedures, programs and framework for Customer Information Security. Maintain and perform bank-wide asset risk assessment(s) and monitor risk across the company. Serve as an advisor to business unit managers regarding information security risk, including transaction and compliance, working with the information technology, legal and compliance departments. Make recommendations to business unit managers on reducing unacceptable risk exposure.
Key Result Areas:
* Assist with the development and implementation of the information security program, including the following program components: vulnerability management and verification testing, security information and event management (SIEM), incident response, business continuity, control testing, risk assessment, security awareness training and regulatory gap analysis
* Assist with the documentation of access methodologies and diagramming of data and process workflows
* Assist with implementing and maintaining the user access program
* Conduct risk assessments to identify, evaluate, and measure the materiality of each risk
* Assist with monitoring of bank-wide application configurations to ensure they meet the standards required by the Information Security Program
* Monitor changes to system configurations and security alerting
* Support both internal and external audits as they relate to application access and security administration
* Coordinate management responses to information security related findings and maintain the bank's acceptable risk matrix
* Promote and practice strong collaboration with all business units in the areas of information security risk from an implementation, assessment and training perspective
* Support and contribute to projects and initiatives for the program
* Maintain a high level of knowledge and industry awareness through training, participation in outside seminars and from professional publications and groups to ensure compliance with regulatory guidelines
* Manage work to ensure all deliverables are met on a timely and quality basis, according to the Bank's standards
* Perform additional duties as required
* Bachelor's Degree in Information Security/Assurance or other subject matter area or equivalent experience
* Strong communication, customer service and interpersonal skills
* Minimum of 7 years in an information security or information technology role
* Strong familiarity with information security architecture
* Experience in developing and administering an information security program desirable
* Thorough understanding of information security governance
* Candidates holding or actively pursuing related professional certifications such as Security+, SCCP, CISSP, CISM, or CISA preferred
* Expertise in understanding antivirus/EDR solutions, vulnerability management, data classification tools and SIEM required
* Significant experience with information security frameworks, such as the NIST Cybersecurity Framework, FFIEC CAT, NIST 800-53 and/or CIS Critical Controls is strongly preferred
* Experience with risk assessment, access review, access methodology documentation and diagrams of process workflows
* Proficiency with Microsoft Visio and/or similar diagramming tools highly desirable Proficient in Microsoft Office to include Word, Excel, and PowerPoint
* Ability to work a flexible schedule; i.e. weekends and evenings as needed
The above description covers the most significant major responsibilities but does not exclude other occasional responsibilities and accountabilities the inclusion of which would be in conformity with the major purpose of this job.
About Cambridge Savings Bank:
Cambridge Savings Bank is a full-service financial institution with approximately $3.7 billion in assets that is committed to improving the quality of life in the communities it serves. One of the oldest and largest community banks in Massachusetts, Cambridge Savings Bank offers a full line of individual and business banking services and has branches located in Arlington, Bedford, Belmont, Burlington, Cambridge, Charlestown, Concord, Lexington, Newton, and Watertown.
Cambridge Savings Bank is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. We are a VEVRAA Federal Contractor.