Information Security Specialist

Lewiston

Contact Details

Job Description

 Information Security Specialist

Lewiston, Maine 

This might be a great job for an early-career IS person, or someone with strong network admin skills looking to narrow their focus. If you have a few years of experience under your belt, please consider applying to this hands-on position!  If you can bring some education and proven skills to the table, we can support you in gaining certifications.

The Information Security Specialist is a technician who works on the day-to-day monitoring and coordination of information security processes. This critical role works in conjunction with the Risk Management Division to identify threats and coordinates their timely remediation with the IT department.  The IS Specialist is a key player in keeping our customer and company data safe and secure.

Our IS Specialist works closely with the Bank’s Information Security Officer (ISO) to fully understand the Bank’s Information Security-related policies, procedures and risk profile. Leveraging best-in-class tools and vendors, the incumbent routinely responds to audit findings and vulnerability scans related to our IS posture ensuring we remain compliant with those policies and procedures while improving the Bank’s overall risk profile. 

Our successful candidate will have experience working in information security and/or network administration in a federally regulated and compliance-driven environment, such as in a financial or medical industry.  It is critical that applicants have solid experience working with firewalls and Windows Servers/PC’s as this role constantly works to resolve vulnerabilities in those systems.  Experience working with routers and switches strongly preferred.

 Completes or assists with the following key duties:

Uses system reporting tools for security monitoring and carrying out vulnerability remediation priorities.

Monitors and respond to security alerts and incidents. Cooperates with the larger team to examine any security incidents or breaches to determine their root cause and carry out the determined remediation.

Ensures IT’s compliance with existing policies & procedures including verification of completed backups and data storage.

Helps evaluate information security compliance and risk to recommend improvements. Implements, or monitors implementation of approved changes in the following areas:

  • Cybersecurity measures and controls; protocols for protecting digital files and information systems against unauthorized access, modification and/or destruction
  • The Bank’s vulnerability management program
  • Disaster recovery testing
  • The Bank’s incident response process
  • Vulnerability monitoring of Bank devices

Maintains and monitors:

  • Vulnerability scanning tools, threat remediation tracking & reporting
  • Intrusion protection and detection systems
  • Access permissions to bank information

Coordinates internal and external testing including designing and performing phishing tests.

Participates in Information Security internal/external audits and exams providing requested data and information. Manages any required remediation.

Assists in the IT vendor selection process, specifically to verify that vendors comply with existing bank information security standards.

Serves on related internal committees as required.

Bachelor’s Degree in Information Systems, Information Technology or related Field is preferred. Previous experience in network administration or information security is required.

The successful candidate may possess s