Information Security Assurance Analyst

Cambridge Savings Bank
United States, Massachusetts, Waltham
Jan 27, 2025

POSITION: Information Security Assurance Analyst

Summary:

At Cambridge Savings Bank, our purpose is to have a positive impact on our customers, employees, and community's financial well-being. We are committed to exceeding expectations and having a strong commitment to diversity and inclusion. The Information Security Assurance Analyst, under the direction of the Deputy Information Security Officer (DISO), is responsible for assisting in the development and implementation of the policies, procedures, programs, and framework for enterprise-wide information security. Assist with maintaining and performing bank-wide risk assessment(s) and monitoring risk across the company. Assist DISO as advisor to business unit managers regarding information security risk, including transaction and compliance risk, working with the Information Technology, Legal, and Compliance departments. Assist with making recommendations to business unit managers on reducing unacceptable risk exposure.

Key Result Areas:

  • Assist with the ongoing development and implementation of the Information Security Program, including collaboration and oversight of the following program components: vulnerability management, security information and event management (SIEM), incident response, entitlement review, business continuity, control testing, risk assessment, security awareness training, and regulatory gap analysis.
  • Administer business line access reviews for shared directories and critical applications.
  • Assist with risk assessments to identify, evaluate, and measure the materiality of risk.
  • Assist with efforts to perform information security framework maturity assessments (NIST CSF, CRI Profile, etc.).
  • Assist with monitoring of bank-wide application configurations to ensure they meet the standards required by the Information Security Program. Monitor changes to system configurations and security alerting.
  • Assist in the preparation of federal and state regulatory reports, processing of investment activity, and preparation of fixed assets and prepaid items, as needed.
  • Support both internal and external audits as they relate to application access and security administration.
  • Promote and practice strong collaboration with all business units in the areas of information security risk from an implementation, assessment, and training perspective. Support and contribute to both Risk and enterprise-wide projects and initiatives.
  • Maintain a high level of knowledge and industry awareness through ongoing training and participation in outside seminars and networking groups to stay current and ensure compliance with regulatory guidelines.
  • Work independently and manage work to ensure all deliverables are met on a timely basis, and in accordance with the Bank's standards.
  • Perform additional duties as required.

Qualifications:

  • Bachelor's Degree in Information Security/Assurance preferred.
  • Minimum of 3 years of experience in an information assurance, security, or technology role.
  • Strong interpersonal and customer service skills; strong written and oral communication.
  • An understanding of risk management principles and information security/data governance, and experience with risk assessment, access review, access methodology, and process workflow documentation.
  • Candidates holding or actively pursuing related professional certifications such as Security+, SSCP, CISSP, CISM, or CISA preferred.
  • An understanding of Endpoint Detection and Response (EDR) solutions, patch and vulnerability management, data classification tools, SIEM, and device hardening is highly encouraged.
  • Experience with information security frameworks and assessments, such as the NIST Cybersecurity Framework, NIST 800-53, 800-30, 800-218, 800-63, MITRE ATT&CK and/or CIS Controls, and strong familiarity with information security technology architecture, defense in depth strategy, etc.
  • Proficient in Microsoft Office including Word, Excel, and PowerPoint. Proficiency with Microsoft Visio and/or similar visualization/diagramming tools highly desirable.

The above description covers the most significant major responsibilities but does not exclude other occasional responsibilities and accountabilities the inclusion of which would be in conformity with the major purpose of this job.

Location:

Hybrid/Waltham, Massachusetts

About Cambridge Savings Bank:

Cambridge Savings Bank is a full-service banking institution with $7 billion in assets. As a mutual bank, CSB is committed to improving the quality of life of our employees, customers, and the communities we serve. One of the oldest and largest community banks in Massachusetts, Cambridge Savings Bank offers a full line of individual and business banking services across a robust Massachusetts-based branch network and through digital banking solutions for commercial, small business and consumer customers. In March 2023, Kroll Bond Rating Agency affirmed CSB's investment-grade rating, reinforcing the bank's position as a reliable business lender. To learn more about how CSB can meet your needs, visit us at cambridgesavings.com, or better yet, come meet us to help you make the most out of your banking relationship. Member FDIC. Equal Housing Lender. NMLS # 543370

Cambridge Savings Bank is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. We are a VEVRAA Federal Contractor.
