Cyber Security Analyst

at Canandaigua National Bank & Tr
Location Pittsford, NY
Date Posted March 3, 2021
Category Default
Job Type Full-time


Cyber Security Analyst

Canandaigua National Bank & Trust 


The Cyber Security Analyst at CNB develops and implements advanced cyber defense solutions and changes for the organization.  The position safeguards the corporate infrastructure from infiltrations or exfiltration, and assures that the system is built to specification and is deployed successfully.

Education, Training and Experience:

Education/Training:Associate or Bachelor’s degree in Computer Science, Information Science, Management Information Systems, Business Administration, or related field normally required; specialized education and training relating to computer systems and applications.

Skill(s): Proficient reading, writing, and grammar skills; proficient mathematics skills; proficient analytical skills and problem-solving ability; proficient research skills; good project management skills; working knowledge of current network hardware, protocols, and standards; working technical knowledge of SQL programming languages; working knowledge of network and PC operating systems; proficient interpersonal relations and communicative skills; ability to stand, stoop, bend, climb and lift items weighing thirty (30) lbs. or less; visual and auditory skills; valid driver's license.
Experience:  A minimum of five (5) years' experience in related positions normally required; proven experience in overseeing the implementation of hardware and software solutions, systems, or products.  Minimum of (3) years’ experience in Cyber Security field. 

Essential Duties:

Participates in security team that designs, maintains, and operates highly complex and high secure communications network environments.

Performs in-depth network security analysis, and conducts preliminary incident response, event analysis, and threat intelligence.

Perform daily operational real-time monitoring and analysis of security events from multiple sources.

Oversees patch management analysis, deployment, and monitoring program.

Ensures compliance with and provide input to security policies, standards, and procedures. Conducts all tasks in accordance with the requirement to comply with security controls and any pertinent regulations.

Participates in a team that analyzes systems and networks; detects intrusions of sophisticated and slightly different attacks to the network infrastructure, applications, operating systems, firewalls, proxy devices, malware detection, and more; and monitors the environment to locate and remediate unauthorized activity.

Performs day to day monitoring of information security alerts, including alert logs from firewalls, intrusion detection system, operating system, Antivirus, web application firewalls, and web servers; responds, triages, analyzes, and discerns false positives; and escalates results to management as needed.

Performs vulnerability scanning of the network environment, analyzes the results to assess risk to the organization, prioritizes remediation efforts, prepares reports that document vulnerabilities from network-based attacks, and recommends actions to prevent, repair, or mitigate these vulnerabilities.

Utilizes skills in advanced internal/external routing and switching technologies gained from experience working in various disciplines. Technologies include, Antivirus, host-based protection, security incident event management, virtual shared computing environments, and network/security management.

Must participate in continuing education to increase security knowledge to stay current of threat landscape.

Works with Information Security Risk Office to measure the effectiveness of organizations information security risk program.

Plans, designs, develops, and launches efficient information systems and operations systems in support of core organizational functions of which the following are illustrative:

Meets with decision makers, systems owners, and end users to ensure business requirements and security goals are being maintained.

Ensures compatibility and inter-operability of complex computing systems.

Reviews and analyzes the effectiveness and efficiency of existing systems and develops strategies for improving or further leveraging these systems.

Assists in the deployment of new applications and enhancements to existing applications.

Conducts research on hardware and software products to justify recommendations and to support purchasing efforts.

Ensures the integrity and security of enterprise data on host computers, multiple databases, and during data transfer in accordance with business needs and industry best-practices regarding privacy, security, and regulatory compliance.

Provides guidance to individuals that manage permissions, access rights, and storage allocations in accordance with best practices regarding privacy, security, and regulatory compliance.

Performs network and security audits.

Practices network asset management, including maintenance of network component inventory and related documentation and technical specifications information.

Analyzes system, server, application, network, and input/output device performance.

Recommends, schedules, and performs software and hardware improvements, upgrades, patches, reconfigurations, and/or purchases.

Participates in developing, documenting, and maintaining policies, procedures for system administration and appropriate use.

Assists with team that performs cost-benefit and return on investment analyses for proposed systems to aid management in making implementation decisions.

Follows departmental procedures for change management, project management, business continuity planning, incident/problem management and asset management.

Coordinates with other personnel within the department as well as with other departments to ensure the smooth and efficient flow of information.

Abides by the current laws and organizational policies and procedures designed and implemented to promote an environment which is free of sexual harassment and other forms of illegal discriminatory behavior in the workplace.

Cooperates with, participates in, and supports the adherence to all internal policies, procedures, and practices in support of risk management and overall safety and soundness.

Complies with established operating policies and procedures in order to maintain adequate controls and to support the Bank's adherence to outside regulatory requirements.

Communicates with management and staff personnel to integrate goals and activities.

Responds to inquiries relating to his/her area, or to requests from other Bank personnel, customers, etc., within given time frames and within established policy.

Maintains appropriate records and provides assigned reports.

Participates in CNB IT On-Call Program.

Performs tasks which are supportive in nature to the essential functions of the job, but which may be altered or re-designed depending upon individual circumstances.

About Canandaigua National Bank & Trust Company 

As the only local, full-service, community-owned financial institution in the Rochester area, Canandaigua National Bank & Trust is investing in you, your business, and your community through our products, personal service, technology, and community support. Our Core Values of Honesty and Integrity, Responsibility, Teamwork, Respect, Innovation, Professionalism, and Commitment represent who we are and what we do, each and every day. That's what makes us different from our competitors and a great place to work! Before making any business decision, we carefully consider how it will affect the people who rely on us the most: our valued customers, the communities we serve, our employees, and shareholders. Some of the main reasons we love our jobs include: 

• Challenging Work 

• Excellent Culture 

• Extraordinary Co-Workers 

• Great Rewards including a strong benefits package, learning opportunities, flexibility, and other perks aimed at creating a solid work/life balance. 

Canandaigua National Corporation and its subsidiaries encourage diversity in the workplace; we are an Equal Opportunity Employer. Minority/Female/Sexual Orientation/Gender Identity/Disability/Veteran.