Job Summary: Responsible for day-to-day maintenance of IT security administrative functions including security reports review, IT risk assessment data entry, and vendor management data entry and reporting.
ESSENTIAL DUTIES & RESPONSIBILITIES
- Responsible for maintaining records for vendor management program including contracts, control reports, and supplementary documentation.
- Responsible for compiling vendor management score cards and expired documentation alerts in support of vendor management program .Produce gap analysis monthly and review with VP of IT for remediation recommendations and risk acceptance.
- Support IT risk assessments’ data and documentation collection, and assist with IT risk assessments as directed by supervisor.
- Collect key performance indicators as requested by supervisor.
- Administer and monitor social engineering testing; provide quarterly reports to the supervisor.
- Review and escalate IT alerts for failed backups, network events or IT policy violations to supervisor.
- Review key systems daily for IT security exceptions: antivirus, data backup, replication. Report exceptions to management.
- Collect and review network topology maps.
- Schedule and report on business continuity testing as determined by the BCP testing matrix.
- Under supervision of VP of IT, assist in maintaining, updating and publishing Business Continuity Plan.
- Utilize existing vendor management and IT risk assessment system to pull reports for management or lines of business as requested.
- Track and update status of open audit, exam, and IT security findings as required by supervisor.
- In absence of the VP of IT maintain, update and monitor user profiles for the core computing application (COCC) and network access including remote access.
- In absence of the VP of IT responsible for monitoring the daily nDiscovery Reports from the Sage Data Security nightly scans and advise IT management on any unusual items on the report.
- Perform additional duties as requested, needed or assigned.
- Skill in understanding various aspects of information security and related technology concepts
- General knowledge of the Bank's software applications, technological infrastructure, networking and network design, and data processing systems
- Willingness to continue education and pursue cybersecurity certifications
- Strong organizational skills
- Ability to manage multiple concurrent tasks
- Good oral and written communication skills
- Must be able to communicate with users with all levels of computer experience
- Ability to adhere to Needham Bank’s Core Values (Quick-Decision-Making, Reliability, Relationship-Based Focus and Quality Service)
- High School Diploma and 1-2 years of college education
- Familiarity with IT security concepts
- IT Security certifications such as CISSP are preferred by not required
Needham Bank offers a competitive salary and an amazing benefit package for a full-time employee which includes fully paid medical and dental insurance, HRA, 401(k) plan with an 8% bank match, defined benefit pension plan, paid vacation, paid holidays, paid leave benefit, a bonus program, flexible spending accounts, vision service plan, group term life insurance, short and long term disability insurance, tuition reimbursement, and an Employee Assistance Program. We offer a great benefit package to our eligible part-time employees as well.
Needham Bank is an Equal Opportunity/Affirmative Action Employer. Needham Bank will provide all applicants for employment and all employees with equal opportunity for employment and promotion regardless of race, color, religion, gender, national origin or ancestry, age, disability, veteran status, military service, sexual orientation, genetic information, or gender identity.