|Published||September 15, 2022|
The Information/Cyber Security Compliance Analyst ensures compliance with regulatory guidance and statutes in connection with the areas of Information Technology and Information Security. Assesses cyber and information security risks and makes recommendations to mitigate risk. Ensures practices are sound and in compliance with applicable laws, regulations and policy.
Perform analyses of current cyber/information security regulations and guidance to identify areas of potential non-compliance and develop strategy for addressing weaknesses. Perform and prepare written information security-related risk assessment and other information security-related analytical documents as needed. Develop and implement a compliance verification strategy to ensure ongoing compliance with information security regulations and regulatory guidance. Maintain awareness of regulations, laws, emerging issues, trends, and ongoing developments regarding cyber/information security. Develop, prepare and maintain periodic information security-related risk reports or presentations to keep the Chief Information Security Officer, Chief Information Officer and management abreast of trends, strategies, and potential issues. Liaise and assist with activities between the Bank, and Federal and State regulatory agencies, as needed. Develop and implement an IT documentation review process to ensure compliance with existing corporate policy. Research and identify cyber/information security risks and exposures and recommend strategies to mitigate vulnerabilities. Coordinate closely information security staff. Act as an internal subject matter expert for cyber/information security risk and compliance. Performs special projects, and additional duties and responsibilities as required. Where applicable and when performing the responsibilities of the job, employees are accountable to maintain Sarbanes-Oxley compliance and adhere to internal control policies and procedures.