AVP, Sr. Information Security Analyst
#1370 | Posted 08/18/2025
Remote, United States
Job Description
Division: Risk Management
Department: Information Security
Reports to: SVP, Information Security Officer
Status: Exempt/Officer
Grade: 11
Salary Range: $66,699 - $141,734
Actual compensation within the pay range will be decided based on factors including, but not limited to, skills, prior relevant experience, and specific work location.
Location: Hybrid within MA, CT, NY, VT, RI
Purpose/Objective:
The AVP, Sr. Information Security Analyst is an experienced team member responsible for monitoring, detecting and responding to cybersecurity threats and incidents. This role requires advanced knowledge and experience in analyzing, triaging, responding to and resolving investigations and incidents. Using a variety of commercial and open-source tools, the AVP, Sr. Information Security Analyst will investigate alerts, review log data and run specialized queries to analyze events quickly and execute response actions.
The AVP, Sr. Information Security Analyst is experienced working with multiple technologies, including security orchestration, automation and response (SOAR), SIEM, endpoint devices, applications, network devices, cloud infrastructure and threat intelligence feeds. As a senior member of the team, the analyst will handle escalations, support less-experienced team members and manage more-challenging incidents in the queue.
The AVP, Sr. Information Security Analyst will mentor other team members to strengthen the team's capabilities. This role includes identifying opportunities to automate repetitive tasks, allowing teammates to focus on more-advanced tasks, and improving the resiliency of the company's security posture. Strong problem-solving abilities, excellent communication skills and an understanding of emerging cybersecurity threats are essential for success in this role. This role reports to SVP, Information Security Officer.
Key Accountabilities:
- Serves as the lead security analyst to provide expertise and oversight involving security incidents, including all critical and complex incidents, and ensures all related incidents are remediated within expected information security SLAs.
- Serves as a subject matter expert in assisting with, implementing and strengthening information security monitoring protocols, policies, and other information security owned systems.
- Works closely with other team members to monitor and enforce application security, server/workstation hardening, patch management, database activity, vulnerability assessments, data loss prevention, antivirus, firewalls, asset management, and encryption protocols.
- Serves as a lead information security resource to internal business units and support organizations by providing research, analysis, and solutions for critical, sophisticated, or complex security related business/technology initiatives.
- Participates in an on-call rotation for regular-hours and after-hours support as required.
- Assumes additional responsibilities and duties as necessary to ensure department objectives are met; stays current with cybersecurity threats, AI developments, risks and vulnerabilities that could impact services; supports creating detections aligned with the MITRE ATT&CK framework; and recommends improvements to leadership.
- Documents and shares information with team members to help improve analytical skills; supports monitoring and response metrics, KPIs and service level objectives for security events and incidents; regularly participates in tabletop exercises to identify gaps, improve skills and enhance communication; and reviews reports from tabletop exercises, vulnerability assessments and penetration testing to make improvements.
- Recommends adjustments to security tool configurations to minimize false positives; provides recommendations for improving monitoring, logging, identity management, data protection, detection and preventative controls; and, upon request, reports on the state of the SOC to cybersecurity leaders and stakeholders.
- Ensures compliance with all banking laws, rules, regulations, and prescribed policies/practices/procedures necessary to reduce risk and uphold ethical standards related to and required by one's duties.
Education:
- Bachelor's degree preferred in cybersecurity, computer science, engineering or a related field, or equivalent work experience
- Certifications in the field of Information Security are preferred (CISSP, Security+)
Experience:
- Five-plus years of experience in Information Security or related fields required
- Experience with network devices / concepts, firewalls, routers, and switches
- Experience with Network Access Control (NAC), Cloud Access Security Broker / Secure Web Gateway, Zero Trust Architecture
- Expertise in security solutions, including next-generation antivirus solutions, data classification tools, and SIEM, required, including application of defense-in-depth strategies
- Experience with threat hunting and / or anomaly investigation
Skills & Knowledge:
- Excellent analytical, problem solving, and documentation skills
- Technical skills in security risk assessment, incident monitoring/reporting, requirements development, secure design analysis, architecture assessment and development, and security testing of applications and systems.
- Demonstrated technical understanding in emerging cybersecurity threats.
- Expertise in SOAR, SIEM, threat intelligence, identity management, sandboxes, vulnerability management, and endpoint detection and response/extended detection and response tools.
- General understanding of ML/AI applications in security operations processes.
- Strong understanding of threats, vulnerabilities and incident response principles.
- Familiar with one or more frameworks and regulations, including NIST Cybersecurity Framework, SOX, and GLBA.
- Excellent judgment and ability to make quick decisions in complex situations.
- High degree of integrity, trustworthiness, professionalism and character.
- Exceptional written and verbal communication skills across varying levels of the organization.
We endeavor to make this site accessible to any and all users.
Berkshire Bank is an Equal Opportunity Employer - all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin. If you would like to contact us regarding the accessibility of our website, need assistance completing the application process, or would like to request alternative methods of applying, please contact us at hr@berkshirebank.com.