Information Security Analyst
Southern First Bank · Greenville, SC · 1 wk ago
On-siteInformation TechnologyFull-time
Essential Responsibilities
- Serves as an internal information security consultant for the organization.
- Collaborates in the continuous development, implementation, and updating of security and privacy policies, standards, guidelines, processes, and procedures.
- Promotes effective communication and coordination across the organization regarding cybersecurity practices and supports leadership in providing information necessary for risk-based decision-making regarding cybersecurity.
- Performs various annual information security risk assessments, including Cyber Security and GLBA, and serves as an internal auditor for security issues.
- Reviews all system-related security plans throughout the organization's network, acting as a liaison to Information Technology.
- Assists and/or prepares the Annual Information Security Report.
- Maintains compliance with information security policies and procedures, collaborating with the appropriate department manager and escalating as necessary.
- Maintains awareness of evolving cybersecurity risks and regulatory guidance.
- Assists with preparation for IT audits and regulatory exams, and reviews and addresses issues identified ensuring all audit-related issues are addressed in a timely manner.
- Maintains internal control systems to ensure appropriate access levels are maintained, and coordinates or performs user access reviews.
- Supports future initiatives such as AI governance and expanded data governance.
Essential Skills, Education And Experience
- At least 1-3 years of experience in information security, IT risk management, or IT audit in a banking environment.
- Knowledge of laws and regulations including but not limited to: FFIEC Guidance, Gramm-Leach-Bliley Act, and Sarbanes-Oxley.
- Knowledge of IT processes and controls and understanding of risk and control frameworks such as COBIT, NIST, PCI, etc.
- Bachelor’s degree or equivalent experience.
- Prefers certification such as CISSP, CISA, CISM, or ability to obtain certification within a year of taking the position.
- Excellent organizational and communication skills.
- Strong interpersonal skills and the ability to effectively communicate with a wide range of team members.
- Strong attention to detail and documentation discipline.
- Self-motivated and able to work independently.