Jobs for People with MS: National MS Society

Merchants Bank, Winona, has an opening for an Information Security Analyst. This position will work on-site at our Winona, MN location. The hours for this position will generally be Monday-Friday from 8am-4:30pm. This position is part of the Risk Management team and will provide monitoring of the vulnerability management program, exception analysis and reporting to make sure bank standards are met. Duties also include coordinating with multiple vendors to achieve vendor performance at the contracted level of service. This position will lead maintenance, management, testing and training of the Access Management Program and also administer annual application access reviews. Two years experience working in vulnerability management, access management or an information security role desired. Excellent written & verbal communication skills required. Must be highly organized, a self-starter, and good at investigating. Must have the ability to create and use new and existing Spreadsheets, Word documents, PowerPoint and access technology tools in reporting and monitoring progress in vulnerability management. Please click on Apply Now or apply in person at Merchants Bank, Winona (102 E 3rd Street). Questions can be emailed to hr@merchantsbank.com. Merchants Bank is an Equal Opportunity Employer of women, minorities, protected veterans and individuals with disabilities. General Summary Provide in-house monitoring of the bank s vulnerability management program, exception analysis and reporting to management. Will coordinate with multiple vendors in achieving satisfactory vendor performance to the contracted level of service, as well as working collaboratively on solution measurement with in-house IS and IT personnel and other staff across the bank. Primary Responsibilities and Duties Provide monitoring of vulnerability management program, exception analysis and reporting to management. Coordinate with multiple vendors in achieving satisfactory vendor performance to the contracted level of service Assist in auditing and cross-referencing vulnerability scans, logs, and reports to assure high quality and provable resolution to vulnerabilities Monitor the management and resolution of vulnerability management related exceptions, assure exceptions meet bank standards Monitor, respond and escalate as needed incoming SIEM alerts and daily reports. Lead maintenance and maturation of the organization s Identity and Access Management Program. Monitor and manage application access requests to ensure proper process for review, approvals and documentation is followed. Administer annual application access reviews Perform training related to the bank s Identity and Access Management processes and procedures. Assist with management of the Bank s phishing security testing, training and remediation program Assist with employee management, workflow/email/report and equipment request triage Monitor and notify Darkweb compromise alerts from vendors Understand and review internal and external logs to compare various logs and align results with vulnerability management goals Monitor external info sec sources for relevant threat information Participate as a member of the bank s incident response team Serve as documentation coordinator for IT security, outage and external incidents. Participate in the IT audits and the IT related portion of bank audits and regulatory examinations Assist management in directing in-house staff and third-party remediation of vulnerabilities. Act as back-up facilitator for onboarding and offboarding employees Employee will be expected to contribute to a positive working environment through words and actions. Employee will be expected to greet internal and external customers in a friendly and outgoing manner. Employee will be expected to take responsibility to ensure that internal and external customers receive outstanding service. Regular and dependable attendance is an essential function of the job Employee may be asked to perform o her duties as required by business needs Employee will be expected to complete compliance and product knowledge assignments in a timely manner Other IT administrative duties as needed Skills and Abilities Required: 2 years experience working in vulnerability management or access management or information security role. 2 years of experience working in an IT or audit department. Highly organized self-starter Curious and willing to investigate suspect areas Willing to learn IT/IS vocabulary or have knowledge of IT/IS vocabulary Does not need to be an IT professional but should have an aptitude to learn IT terminology and understand IT operations Administrative organization skills Ability to create and use new and existing Spreadsheets, Word documents, PowerPoint and to access technology tools in reporting and monitoring progress in vulnerability management. Excellent written and verbal communication abilities. Working Conditions: Little or no discomfort caused by environmental factors. Some exposure to mental/visual fatigue resulting from research of complex systems issues. Some travel required. Hours may be unpredictable due to installations, configuration, research, and updates that must be performed outside of normal banking hours. Relationships: Responsible to the VP/Director of Security for fulfillment of functions, responsibilities, and authority, and for their proper interpretation. Will have extensive contact with IT department managers and staff, bank-wide managers, end-users, and third-party application developers.