
Information Security Risk Associate

PeoplesBank
50000.00 To 66000.00 (USD) Annually
United States, Massachusetts, Holyoke
Mar 29, 2025

Welcome to PeoplesBank! We are the largest mutually chartered bank in Western Mass and Northern Connecticut, and we are proud to lead the way in green values, sustainable energy financing, and charitable giving. Our commitment to operating in the best interest of our customers is matched by our dedication to fostering an inclusive and engaging work environment. We offer excellent compensation, workplace flexibility, and a competitive benefits package to our associates. Our award-winning culture has earned us recognition as the Best Place to Work and Best Local Bank. Join our team of dedicated and innovative individuals and be a part of our dynamic, successful organization. Let's make a difference together!

Summary:

Are you passionate about cybersecurity and eager to make a difference? As an Information Security Risk Associate, you'll play a crucial role in safeguarding our bank's operations. You'll work closely with our Information Security Risk Team to identify and assess threats and vulnerabilities, ensuring our risk exposure is minimized. Your responsibilities will include routine Information and Cybersecurity Risk Reporting and Monitoring, as well as facilitating key risk-related activities such as creating and distributing training materials and conducting testing initiatives. Help us maintain a robust cybersecurity posture and protect our organization from emerging threats. This position is based on-site at our corporate headquarters in Holyoke, MA.

Essential Duties and Responsibilities:

Information Security/Cybersecurity Monitoring

  • Escalate issues to the Manager to ensure immediate containment of threats and assess their potential impact.
  • Collaborate with the IT Security Administrator to investigate and address logs and alerts appropriately.
  • Work with the Information Security Risk Manager and IT Security Administrator to address vulnerabilities within bank systems.
  • Monitor changes to administrative groups, high-risk or critical systems, and rights assignments within the Bank's domain for anomalous activity.
  • Review change management logs for authorization discrepancies or anomalous behavior and report issues or concerns to the IS Risk Manager, IT.
  • Support the Information Security Risk Manager in coordinating Information Security Awareness Training Programs.

Business Continuity and Disaster Recovery

  • Assist in maintaining our Business Impact Analysis, ensuring we're always prepared.
  • Coordinate recovery testing with business units to guarantee our critical systems bounce back swiftly.
  • Collaborate with IT to validate RTO and RPO capabilities, keeping our systems resilient.
  • Coordinate with external third parties for seamless recovery testing.
  • Assist with engaging tabletop and walk-through exercises to sharpen our incident response.
  • Assist in documenting incidents meticulously to capture every detail.
  • Continuously review and enhance our programs to ensure they remain effective and relevant for all associates.

Risk Reporting and Assessment: Information Security

  • Aggregate the Bank's information security metrics and reporting to deliver a comprehensive assessment of our security risk profile.
  • Analyze subscription-based threat intelligence data, correlating it with our security posture to identify potential exposures and recommend enhancements to mitigate associated risks.
  • Assist in maintaining risk management tools and documenting procedures.
  • Collaborate with the risk management tool administrator, IT, Business Lines, and IA to ensure our information and controls are always up to date.
  • Gather and document risk assessment information meticulously.
  • Assist with technology and third-party risk assessments, focusing on cybersecurity and technical risks.

Other duties as assigned.

Education and Experience:

  • Minimum 1 year of experience working in an information security, fraud prevention, or related role.
  • Experience working in a highly regulated industry (banking, financial, investment, defense) maintaining a large volume of non-public personal information preferred.
  • Associate or Bachelor's Degree in Technology Management, Cybersecurity or related field preferred.
  • Knowledge of banking regulation (Reg P/GLBA), Reg E, and UCC preferred.

Computer/Technical Skills / Certifications:

  • Advanced knowledge of systems and technology platforms and architectures; understanding of SIEM tools, DLP tools, and IDS tools, and Office Suite of standard business software (Word, Excel, PowerPoint).
  • Certifications in CompTIA Security+, CySA+, CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), or CISM (Certified Information Security Manager) preferred.

Skills Required:

  • Understanding of Information Technology (i.e., Active Directory, Firewalls, Routers, Cybersecurity, Cloud Computing, etc.).
  • Excellent analytical and communication skills, both verbal and written.
  • Critical thinking skills with the ability to independently solve problems with data.
  • Fast-paced working environment; flexible with ability to quickly address issues or concerns.
  • Attention to detail, while still understanding the big picture strategic objectives of the organization.

Work Environment and Physical Demands:

The working conditions and physical demands described here are representative of those that must be met by an associate to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
