Information Security Analyst
Company: Chemung Financial Corp
Posted on: June 9, 2021
- Review daily security logs and manage log reporting
- Provide recommendations for enhancements in security tracking
- Responsible for User Access Management by reviewing/monitoring
access to information systems ensuring appropriate segregation of
duties within and across applications.
- Review, research, document and take appropriate action on
- Responsible for vulnerability assessments and penetration
testing with appropriate remediation.
- Responsible for Identity Access Management and its associated
policies and technologies.
- Responsible for researching and proposing strategies and
initiatives for Data Loss Prevention techniques and solutions.
- Responsible for data discovery, inventory and cleanup.
- Assist in Data Governance initiatives and Information Security
- Analyze, document and define requirements associated with
existing security roles and permissions; review roles/permissions
with users to ensure requirements are fully met.
- Conduct technical/security reviews and risk analysis for new
initiatives to ensure CCTC policies and security requirements are
thoroughly vetted and met.
- Monitor access to all systems and assets.
- Responsible for the review and approval of user access and
- Review Security Policies and make requests for revision or
modification as needed.
- Participate in the development and implementation of the
appropriate and effective controls to mitigate identified threats
- Provides follow-up on detected security issues and implement
solutions to reduce security risks.
- Responsible for creating, reviewing, testing and improving
Incident Response Plans and Procedures.
- Responsible for performing Information Security Risk
assessments and the review and managing of all technology and
systems related controls.
- Perform research on potential end user and system breaches or
- Perform NIST Risk Assessments for core and critical systems to
identify areas of weakness or vulnerability.
- Work with vendors on improvements to products or new
- Responsible for administering various security appliances and
devices (web/content filtering, SIEM, vulnerability scanner/trends,
- Oversee CCTC's Security and Awareness Program while continually
improving its effectiveness and content.
- (Process Improvement) Proactively work with end user's and
units to understand and improve processes as they relate to
security and the management of information/data.
- Review Third Party Risk Profile making appropriate
recommendations (SOC reviews, Cybersecurity Program, Contracts,
Right to Audit, etc.)
- Performs some backup duties for Physical Security functions as
- Bachelor's degree in a related field, or equivalent formalized
education and training; Minimum of 5 years of experience in related
- Knowledge of Microsoft Active Directory, DHCP, DNS,
Vulnerability Scanning, Anti-Virus/Malware, Firewall configuration,
SIEM experience, Threat Intelligence, Network+ or Security+
- Proficient reading, writing, grammar and math skills;
Proficient interpersonal and communication skills; Proficient
computer skills; Demonstrated knowledge of system security
architectures and emerging technologies; Comprehensive knowledge of
the company's products, services, regulations, operating policies
and procedures; interpersonal skills in dealing with clients, all
levels of management and Board members.
- Ability to travel to Valid Driver's License required.
EEO/AA Including Veterans and Disabled
Keywords: Chemung Financial Corp, Syracuse , Information Security Analyst, Other , Elmira, New York
Didn't find what you're looking for? Search again!