Junior Information Security Analyst

The Junior Information Security Analyst - assists in analyzing information security systems and applications and recommends and develops security measures to protect information against unauthorized modification or loss; monitor, evaluate, and maintain systems and procedures to safeguard internal information systems, network, databases, and Web-based security. Assist with conducting vulnerability assessments and monitor systems, network, databases, and Web for potential system breaches. May be assigned responsibility for internal or external systems security (i.e., cloud services) with oversight and/or assistance from the Manager, Information Security., * Perform as needed, Information Security, application, and system security functionality testing to ensure adequate controls are applied and/or configured pre-implementation and post-implementation.

• Vulnerabilities - Conduct vulnerability assessments and monitor systems and ensure critical and high vulnerabilities are tracked managed and remediated within the documented SLA's; determine an action plan to reduce vulnerabilities and/or document the exceptions based on acceptance of risk.

• Control Testing - Perform Information Program controls testing sequences that are assigned to the team as part of the Information Security Program, such as Data Loss Prevention (DLP), scanning for cardholder data locations and retention periods, phishing simulations, exploit simulations, physical network security, etc.

• Control Monitoring - Monitor, evaluate, and maintain systems and procedures to safeguard internal information systems, network, databases, and Web-based security; respond to alerts from information security tools, report, investigate and resolve security incidents.

• Configuration Review - Assist in reviewing configuration of DLP, HIPs, Encryption, and Anti-Virus systems including monthly reports on scans to ensure cardholder data and systems are secure.

• Good understanding of assessing, utilizing, supporting and/or maintaining of logical and physical security architectures and technologies including but not limited to IPS/IDS, firewall, SIEM, VPN, anti-virus, email, web, data, video, physical access control hardware and related operating systems & supporting software.

• Communicate clearly and concisely, both orally and in writing.

• Multi-task and adhere to priorities and meet deadlines.

• Ability to work in a fast paced, collaborative environment, drawing on the expertise of all team members to deliver projects.

• Good understanding of technical writing and documentation skills., * Minimum of 1 year directly related experience, other transferrable technical experience, education, or training required.

Formal Education & Certification:

• Associate's degree in information systems, Computer Science or a related discipline preferred.

• One or more of the following certifications is preferred:

• CompTIA Security

• CompTIA Advanced Security Practitioner (CASP)

• Conditions involve lifting no more than ten pounds, sitting most of the time, but may involve walking, moving, or standing for brief periods, and occasionally lifting and carrying articles like files, ledgers, folders, etc.

Become a part of the diverse and inclusive team within our nationally recognized award-winning Bank that is one of the strongest in the nation. Woodforest National Bank is privately owned, and our Employee Stock Ownership Plan is the largest shareholder. We focus on building relationships and discovering opportunities to better serve our communities and understand the financial needs of every customer we serve. At Woodforest we care and prove it by volunteering with local charities and foodbanks to give back to the communities we serve. By joining Woodforest you will become a part of one of the largest employee-owned banks in the country!