We do the right things, right now. We do them in a way that is relevant to our clients. Become a part of our history as it continues to be written!
If you are interested and qualified for this role, we invite you to apply.
The Cyber Analyst is responsible for maturing the company’s cyber threat management program by leveraging skills to change the way associates consume and share data. They interact with multiple levels of the organization, including senior management, and are responsible for the cultivating the company’s data protection culture.
- Develops the use of monitoring tools, SIEM (security incident event monitoring) to carefully examine network traffic and to identify both external and internal threats.
- Develop patterns in methods to detail and analyze current events, threat actors, campaigns, tactics, techniques, and procedures (TTPs), and malware to summarize information, identify patterns, and understand potential impact related to our current risk posture.
- Provide written summaries of findings and document recommended actions in both executive summaries as well as detailed technical reports for system owners.
- Lead the development of strategic recommendations on the development and implementation of threat management projects.
- Based on cyber security policy, help to develop rules to identify, detect, and respond to cyber security incidents
- Own the development of cyber security policies
- Build partnerships with line of business leaders
- Understand processes and how data and information are used across the company to optimize the intelligence lifecycle
- Consult, provide guidance, and communicate effectively with internal partners
- Influence policies and procedures within lines of business which provide for a better cyber security posture
- Build and champion a company-wide culture around cyber security
- Own the company’s continuous improvement around threat management and ensure the company is staying up-to-date with the latest technical advances
Minimum Knowledge, Skills, and Abilities Needed to Perform Essential Functions of the Job:
- 10+ years of Information Security experience
- Ability to work with multiple lines of business at all levels of the organization, including the ability to learn and understand business processes
- Expert level knowledge of threat management techniques including how to monitor, detect, and respond to cyber security incidents
- Proven track record of training and mentoring others in multiple security domains
- Proven track record of training and mentoring others in multiple data security domains.
Preferred Knowledge and Skills:
- Experience in the banking industry
- Experience with Cyber Kill Chain, Mitre Att&CK, etc.
- Experience with EDR tools (such as Crowdstrike, Carbon Black, etc.)
- Bachelor's degree in Information Technology or equivalent work experience
- Certification in one or more of the following industry certifications
- Other relevant security certifications
Level of Complexity and Scope:
- Solves highly complex problems by working directly with the lines of business to protect confidential and restricted data
- Recommends creative solutions based on technical expertise and analysis
- Determines projects and policies to drive continuous improvement
Degree of Independence and Decision-Making:
- Leads and collaborates across the company on data protection management with limited guidance from management
- Regularly works independently with high degree of latitude
- Independent time management, organization, and prioritization
Required Supervisory Responsibilities:
- Up to manager discretion, may act as Team Lead
- Occasionally stands and walks
- Frequently sits
Compliance Statement: The associate is responsible for meeting all compliance requirements imposed on First Financial Bank by State and Federal law and regulation, as well as all related First Financial Bank policies and procedures. This includes all Bank Secrecy Act, Anti-Money Laundering, OFAC and Suspicious Activity reporting requirements, as well as all other lending and deposit compliance requirements.
Development and Training (Optional):
- Annual compliance training must be completed on time
- Continuous learning to keep certification current
It is our policy to not discriminate against any individual in violation of federal, state, and local laws as it relates to age, race, color, religion, national origin, sex, marital status, pregnancy, gender identity, disability, sexual orientation, genetic information, veteran/military service, or any other characteristic protected by law.
We are an E-Verify Employer.