VetJobs - The Leading Military Job Board

Overview

At Community Bank System, Inc. (CBSI), we are dedicated to providing our customers with friendly, personalized, high-quality financial services and products. Our retail division, Community Bank, N.A., operates more than 200 customer facilities across Upstate New York, Northeastern Pennsylvania, Vermont and Western Massachusetts. Beyond retail banking, we also offer wealth management, investment management, insurance and risk management, and benefit plan administration.

Just as our employees are committed to helping our customers manage their finances, we're committed to our employees. After all, they make it happen for our customers every day.

To ensure our people can enjoy long and successful careers here at CBSI, we offer competitive compensation, great benefits, and professional development and advancement opportunities. As an equal-opportunity workplace and affirmative-action employer, we celebrate and support a diverse workplace for the benefit of all: our employees, customers and communities.

The function of this senior level position is to engage in numerous Information Security initiatives for the organization through both day to day tasks and project implementations. One of the primary responsibilities will be around Insider Threat and the technical and governance aspects that make up that collective process. This is accomplished by working with various departments and applying a necessary technical and analytical mindset to understand risks and provide opinions and recommendations to mitigate the security concerns of the initiative.

Specific Responsibilities:

• Manage or take a significant role in the Insider Threat Program including application and policy development and maintenance.
• Manage or take significant roles in key security applications including SIEM, endpoint agents, vulnerability scanning, OSSINT, secure file transfer, incident response, email security, WAF, DLP and NAC.
• Work closely with other members of the Information Security team to assist with log review and security alerts related to anomalous, suspicious and/or malicious activity.
• Oversee the firewall configuration review process with an emphasis on understanding appropriate firewall methodology.
• Review data flows and permission levels throughout the environment and work with IT and Business Owners on any applicable remediation steps.
• Create and maintain workflows for department processes.
• Assist and/or complete various technology risk assessments as assigned.
• Participate in the Vendor Management program including the completion and review of risk assessments, collection and review of various monitoring documentation including SOC reports and assistance with improving the process based on regulatory guidance.
• Manage/work on project teams as assigned to assist in deploying systems and/or applications that are safe and secure.
• Work with various departments as assigned to assist with incidents involving potential information security items/forensic investigations.
• Threat Intelligence review and assessment of applicability against company resources.
• Regular internal and external testing of security against company systems/networks via authorized penetration testing and/or vulnerability assessments, as assigned, to determine and address vulnerabilities or risks.
• Contribute and participate in ongoing security awareness training.
• Address technology security related findings of any third party assessments as assigned.
• Work with IT on various initiatives, change control implementations and virus/malware detection and prevention.
• Participate and provide support for Audit and Regulatory reviews as assigned.
• Maintain proficient knowledge of, and demonstrate ongoing compliance with all laws and regulations applicable to this position, ensure ongoing adherence to pertinent policies, procedures, and internal controls, and meet all job-specific training requirements in a timely fashion.
• Provide appropriate levels of documentation for assigned technologies.
• As needed, provide after hours response to emergency issues that may arise.

Education/Training:

• Minimum Bachelor's Degree in Information Technology, Cybersecurity or similar field.
• Information Security/Technology Certifications (CISSP, GIAC, CEH, Security+ etc.) desired but not required.

Skills:

• Proficient reading, writing, mathematics and analytical skills. Excellent interpersonal and communication skills. Knowledge of current corporate network systems and their related security administration. Ability to quickly pick up and improve key security applications. Demonstrated ability to manage projects of a technical nature.

Experience:

• 5-10 years Information Technology Experience (corporate environment)
• 5+ years applied Information Security or Cybersecurity Experience
• 3+ years Financial Industry Experience (desired but not required)

Compensation: Commensurate with experience plus potential for annual merit increase. In addition to your competitive salary, you will be rewarded benefits including: 11 paid holidays, paid vacation, Medical, Vision & Dental insurance, 401K with generous match, Pension, Tuition Reimbursement, Banking discounts and the list goes on!

Physical Requirements:

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee may be required to stand, walk or sit. Use hands and fingers, handle or feel, reach with hands or arms, and speak and hear. The employee may occasionally be required to lift and or move up to 25 pounds. Specific vision abilities required by this job include close vision, and the ability to focus.

An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

Community Bank System, Inc. is an Affirmative Action, Equal Opportunity Employer who fully embraces diversity - minorities/females/veterans/individuals with disabilities/sexual orientation/gender identity.

Minimum Salary: 31200.00 Maximum Salary: 31200.00 Salary Unit: Yearly