Information Security Engineer

Company: Citizens & Northern Bank
Location: Wellsboro
Posted on: June 24, 2022

Job Description:

Information Security EngineerUS-PA-WellsboroJob ID: 2022-1972Type: Full-Time# of Openings: 1Category: Information TechnologyWellsboro Administration BuildingOverviewAt C&N, we have a mission to take care of our customers to be the only bank they need. The Information Security Engineer is responsible for configuring, troubleshooting, and maintaining C&N's security infrastructure, screening IT infrastructure for weaknesses, and monitoring security policies for unauthorized changes. This position will track the performance of security measures and recommend enhancements, policy updates, and solutions to management, as well as manage security information and event management platform. This role will also develop custom queries for security reports and actively look for security incidents, monitor systems and users' access rights to ensure compliance with established computer security controls. They are expected to assist the Security Analysts and IT Operations staff as necessary, respond to support tickets, and assist with security audits, testing, and documents security requirements. In order to be considered, you must live within 50 miles of any C&N location (PA).Responsibilities1. Conducts scheduled and unscheduled log reviews and security checks and investigates security concerns. Conduct analysis of security event data, exercises judgment and urgency in responding to suspicious activity.Actively looks for suspicious behavior or unexplained system changes or events.Works closely with MSSP to review security alerts and take corrective action.Analyze the validity of events, filter out false positives to provide actionable information.Responds with urgency to any events, documents response activities, and alert manager. Keeps abreast of the latest industry threats, and new trends in cyber security and promote security awareness. 2. Manages C&N's Information Security infrastructure and systemsConfigures, troubleshoots and manages information security systems.Recommends and implements security infrastructure changes to better defend against attacks.Monitors security policies, system configuration changes and security equipment visibility into IT infrastructure.Monitors industry cyber threats and enhance security defense layers for new cyber threats.Meets regularly with security vendors to improve product usage and value.Work with vendors to troubleshoot and resolve issues and track to resolution. 3. Manages security information and event management environmentEnsures the integrity, availability, and confidentiality of the log management environment.Reviews and regularly validates appropriate collection of log data.Strengthen event correlation for log efficiency.Manages SIEM dashboards, reports, and security alerts for InfoSec Team.Develops custom queries, rules and scripts for security alerts & reports.Annually documents log management environment and data sources. 4. Information Security SupportResponds in a timely fashion to support requests and provide weekly reports to supervisor.Support security configuration of new business applications.Provides support and guidance for integration of security infrastructure with IT staff.Troubleshoots and resolves issues with application security settings.Escalates more complex issues to the vendor, and tracks to resolution.Assists with security risk determination for projects. 5. Information Security Audits and Reviews.Conducts internal information security reviews according to schedule.Assists with collecting information for exams, assessments, and audits.Conducts regular security reviews on hardware and operating systems.Recommends hardening guidelines for critical systems according to industry standards.Point of contact for annual PEN and vulnerability testing.6. Training and Education - Completes all assigned training as established in a timely manner, including compliance, certification & licensure, and other developmental requirements. 7. Customer Service - Exemplifies C&N Customer Service Standards PM18 QualificationsEducation: Bachelor's degree AndExperience: 3-5 years of information security/cybersecurity experience. Or Equivalent combination of education and experience. Required Certifications: Security+ (within 1 year) Suggested Certifications (Encouraged for continuous learning): CompTIA's Advanced Security Practitioner PI183090428

Keywords: Citizens & Northern Bank, Scranton , Information Security Engineer, Engineering , Wellsboro, Pennsylvania