Full-Time Cyber Security Analyst

At Regions, the Cyber Security Analyst is responsible for analyzing, identifying, and documenting cybersecurity risks. This role will require a proactive individual with an understanding of core technology and cybersecurity principles along with industry best practices to investigate, remediate and/or escalate for further evaluation.

Primary Responsibilities

• Works with technology, vendors, and business units to collect the proper artifacts
• Conducts security assessments using security scans, provided artifacts and other intelligence
• Collaborates with various stakeholders within Cyber Security/Technology departments and standard owners to properly document and communicate security risks
• Ensures proper documentation of technology assessment results, and monitors remediation
• Delivers all documentation developed during task execution, with status of all work in progress
• Assists with analyzing software for violations in Regions Cyber Security standards
• Follows global cybersecurity threat trends and provide guidance where gaps may exist around existing standards
• May execute cybersecurity requirements considering cybersecurity configuration implementation strategies that consider the operational environment, mission, criticality, and application requirements
• Participates in planning and supports cyber security engineering on new projects

This position is exempt from timekeeping requirements under the Fair Labor Standards Act and is not eligible for overtime pay.

Requirements

• High School Diploma or GED and two (2) years of related post-secondary education and/or experience in Information Security or Information Technology
• Willingness to become familiar with regulatory requirements and industry standards such as the Gram Leach Bliley Act (GLBA), Payment Card Industry Data Security Standard (PCI-DSS), National Institute of Standards and Technology (NIST), etc.

Preferences

• Knowledge of or willingness to learn Cloud Security concepts (AWS (Amazon Web Services), Azure and Google Cloud Platform).
• Willingness to pursue relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Security+, Global Information Assurance Certification (GIAC) , etc.

Skills and Competencies

• Ability to be a self-starter with initiative and drive for continuous improvement
• Ability to be a team-oriented individual who works well with others and places a premium on the group's success
• Excellent writing and verbal communication skills
• Familiarity with concepts related to security disciplines such as: malware analysis, computer forensics, cyber incident response, network intrusion detection, network traffic and packet analysis, penetration testing, vulnerability scanning, compliance, audit, or cyber threat intelligence
• Investigative and problem-solving skills
• Strong organizational, research, analytical and problem-solving skills to evaluate situations and respond appropriately
• Understanding of information security principles, controls, and technologies