Trustmark Bank is focused on enhancing its cyber resilience efforts and is seeking an Information Security Analyst. The role involves managing daily operations related to cyber incidents, ensuring compliance with corporate policies, and assisting in the development of plans to address critical banking application outages.
Responsibilities:
- Assist with coordination and documentation of incidents
- Assist with conducting Business Impact Assessments and Continuity Plan development
- Review vendor risk questionnaires for adherence to cybersecurity best practices
- Conduct reviews of Insider Threat alerts and escalate to senior team members as necessary
- Development and maintenance of Information Security Policy and Standards for Trustmark
- Responsible for capturing KPIs associated with the Cyber Resilience team
- Responsible for periodically requesting information and meeting with lines of business to review information Security risks
- Assist in the coordination and documentation of responses to both internal and external audits involving Cyber Resilience
- Assist with research of information security issues, documentation, and reporting
- Perform Additional duties as assigned
- Development and maintenance of Information Security Policy and Standards for Trustmark
- Responsible for capturing KPIs associated with the Cyber Resilience team
- Responsible for periodically requesting information and meeting with lines of business to review information Security risks
- Lead the coordination and documentation of responses to both internal and external audits involving Cyber Resilience
- Research of information security issues, documentation, and reporting
- Perform Additional duties as assigned
- Responsible overseeing Information Security reporting to senior management, including assisting the management team with creating the required Annual Information Security Report to the designated Board Committee
- Responsible for completing large scale changes to cyber resilience related policies and standards
- Responsible for proactively monitoring incidents throughout their lifecycle and coordinating the implementation of enhancements to the incident response process
- Provides a forum for review, counsel, education and communication of Information Security Policies and Standards to all personnel
- Responsible for leading in the research and review of security incidents
Requirements:
- Bachelor's Degree or 3 years of equivalent work experience in related Information Technology or Information Security
- General knowledge of Federal Regulations, relative to incident reporting timelines
- Knowledge and work experience in Incident Response
- General knowledge of Business Continuity & Disaster Recovery best practices
- General knowledge and experience developing and implementing policy and standards
- General knowledge of network infrastructure, client/server policies, and operating systems
- Oral communication skills
- Report writing skills with creating/maintaining information security policy and management reports
- Detail oriented
- Analytical skills
- Organizational skills
- Independent judgment
- Bachelor's degree and 4 years of equivalent work experience in related Information Technology or Information Security
- Work experience and knowledge of End User Computing systems
- Work experience in conducting Business Impact Assessments
- Extensive experience in conducting cyber investigations and forensic analysis
- Comprehensive knowledge of Federal Regulations, relative to Information Security Risk Assessments
- Knowledge and work experience in Information Technology
- Broad knowledge of network infrastructure, client/server policies, and operating systems
- Advanced knowledge of Microsoft Suite tools
- General understanding of Information Security tools related to Information Security Functions (DLP, PAM, IAM, etc.)
- Bachelor's degree in a related field and at least 6 years of Information Security specific experience
- Experience in policy creation and maintenance writing
- Work experience and knowledge of Network devices
- Knowledge and experience developing and implementing policy and standards
- Specific knowledge of various regulations governing security of customer information and in particular the Interagency Guidelines Establishing Standards for the Safeguarding Customer Information
- Writing skills involved with creating/maintaining information security policy and procedure
- Extensive knowledge of Microsoft Office (Word, Excel, PowerPoint, etc.)
- Extensive knowledge or experience (or training) in Risk Assessment processes
- Relevant industry certifications
- Work experience in banking
- Master's degree in relevant field
- Policy writing / management reporting experience
- Security certifications (CISSP, CISA, CRISC, CISM, etc.)