Information Security Analyst I

Take the next step toward your new career today!

Become a part of the diverse and inclusive team within our nationally recognized award-winning Bank that is one of the strongest in the nation. Woodforest National Bank is privately owned, and our Employee Stock Ownership Plan is the largest shareholder. We focus on building relationships and discovering opportunities to better serve our communities and understand the financial needs of every customer we serve. At Woodforest we care and prove it by volunteering with local charities and foodbanks to give back to the communities we serve. By joining Woodforest you will become a part of one of the largest employee-owned banks in the country!

The Information Security Analyst I - is responsible for analyzing information security systems and applications and recommends and develops security measures to protect information against unauthorized modification or loss; monitor, evaluate, and maintain systems and procedures to safeguard internal information systems, network, databases, and Web-based security. Conduct vulnerability assessments and monitor systems, network, databases, and Web for potential system breaches. May be assigned responsibility for internal or external systems security (i.e., cloud services) with oversight and/or assistance from the Manager, Information Security.

Key Responsibilities: · Perform as needed, Information Security, application, and system security functionality testing to ensure adequate controls are applied and/or configured pre-implementation and post-implementation. · Vulnerabilities - Conduct vulnerability assessments and monitor systems and ensure critical and high vulnerabilities are tracked managed and remediated within the documented SLA’s; determine an action plan to reduce vulnerabilities and/or document the exceptions based on acceptance of risk. · Control Testing - Perform Information Program controls testing sequences that are assigned to the team as part of the Information Security Program, such as Data Loss Prevention (DLP), scanning for cardholder data locations and retention periods, phishing simulations, exploit simulations, physical network security, etc. · Control Monitoring - Monitor, evaluate, and maintain systems and procedures to safeguard internal information systems, network, databases, and Web-based security; respond to alerts from information security tools, report, investigate and resolve security incidents. · Configuration Review - Assist in reviewing configuration of DLP, HIPs, Encryption, and Anti-Virus systems including monthly reports on scans to ensure cardholder data and systems are secure.

Competencies Required: · Good understanding of assessing, utilizing, supporting and/or maintaining of logical and physical security architectures and technologies including but not limited to IPS/IDS, firewall, SIEM, VPN, anti-virus, email, web, data, video, physical access control hardware and related operating systems & supporting software. · Communicate clearly and concisely, both orally and in writing. · Multi-task and adhere to priorities and meet deadlines. · Ability to work in a fast paced, collaborative environment, drawing on the expertise of all team members to deliver projects. · Good understanding of technical writing and documentation skills.

Minimum Qualifications/Experience: · Minimum of 2 years’ directly related experience or other transferrable technical experience.

Formal Education & Certification: · Bachelor’s degree in Information Systems, Computer Science or a related discipline preferred, or an equivalent amount of directly related work experience. · One or more of the following certifications is preferred:

CompTIA Security

CompTIA Advanced Security Practitioner (CASP)

Work Status: · Full-time

Supervisory Responsibility: · None.

Travel: · Less than 10% travel expected.

Working Conditions: · Conditions involve lifting no more than ten pounds, sitting most of the time, but may involve walking, moving, or standing for brief periods, and occasionally lifting and carrying articles like files, ledgers, folders, etc.

Disclaimer: This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Nothing herein restricts management’s right to assign or reassign duties and responsibilities to this job at any time.

Woodforest is an Equal Opportunity / Affirmative Action employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status, or other status protected by law or regulation.

Job:

* Technology Services

Organization:

* Texas - Houston

Title:

Information Security Analyst I

Location:

Texas-The Woodlands

Requisition ID:

067230