Back to Jobs
XX
Information Security AnalystSouthern First BancsharesUnited States
XX

Information Security Analyst

Southern First Bancshares
  • US
    United States
  • US
    United States

About

Information Security Analyst
At Southern First, we believe banking is about people, and we're making a difference one client and one banker at a time. Rooted in service and family, our core values make up the foundation of our company and the way we do business. Those values include caring, serving, and loving others. Every day, our team proudly carries out our mission of impacting lives in the communities we serve. Headquartered in beautiful Greenville, SC, Southern First is locally owned and growing Southeastern markets in three states. Our relationship-first approach to banking is backed by our commitment to investing in easy-to-use technology, giving our clients all of the tools they need to easily manage their finances whenever, wherever. If you are passionate about impacting lives in our community and building long-lasting client relationships, we'd love for you to join our team. We care. We serve. We love. Position Summary
The Information Security Analyst supports the bank's Information Security Program in accordance with the FFIEC Information Security Handbook and applicable regulatory guidance. Accordingly, this individual works collaboratively across business departments, to document and evaluate security controls, assist in identifying information security risks and support management in maintaining an effective Information Security Program. The Information Security Analyst also provides regular reports on the status of the Information Security Program to applicable management. This position is intended to strengthen the Bank's cybersecurity governance and regulatory readiness. Essential Responsibilities
Serves as an internal information security consultant for the organization. Coordinates the continuous development, implementation and updating of security and privacy policies, standards, guidelines, processes and procedures. Promotes effective communication and coordination across the organization regarding cybersecurity practices and support leadership in providing information necessary for risk-based decision-making regarding cybersecurity. Performs various annual information security risk assessments, including Cyber Security and GLBA, and serves as an internal auditor for security issues. Reviews all system-related security plans throughout the organization's network, acting as a liaison to Information Technology. Assists and/or prepares the Annual Information Security Report. Monitors compliance with information security policies and procedures, collaborating with the appropriate department manager and escalating as necessary. Monitors evolving cybersecurity risks and regulatory guidance. Assists with preparation for IT audits and regulatory exams, and reviews and addresses issues identified and ensures all audit-related issues are addressed in a timely manner. Monitors internal control systems to ensure that appropriate access levels are maintained as well as coordinating and/or performing user access reviews. Support future initiatives such as AI governance and expanded data governance. Other duties as assigned. Essential Skills, Education and Experience
At least 1-3 years of experience in information security, IT risk management, or IT audit in a banking environment. Knowledge of laws and regulations including but not limited to: FFIEC Guidance, Gramm-Leach-Bliley Act, and Sarbanes-Oxley. Knowledge of IT processes and controls and understanding of risk and control frameworks such as COBIT, NIST, PCI, etc. Bachelor's degree or equivalent experience. Prefer certification such as CISSP, CISA, CISM, or ability to obtain certification within a year of taking the position. Excellent organizational and communication skills. Strong interpersonal skills and the ability to effectively communicate with a wide range of team members. Strong attention to detail and documentation discipline. Self-motivated and able to work independently. This description is not intended to be construed as an exhaustive list of all functions, responsibilities, skills and abilities. Additional functions and requirements may be assigned by supervisors as deemed appropriate. This document does not represent an expressed or implied contract of employment, nor does it alter your at-will employment, and the Company reserves the right to change this job description and/or assign tasks for the employee to perform, as the Company may deem appropriate. Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.
  • United States

Languages

  • English
Notice for Users

This job comes from a TieTalent partner platform. Click "Apply Now" to submit your application directly on their site.