Information Security Analyst at Bravera

Job Details

Description

Bravera is hiring for an Information Security Analyst at any Bravera Bank location (MT, ND or MN). The Information Security Analyst supports the Information Security Officer (ISO) in safeguarding the bank’s information assets by assisting in the development, implementation, and monitoring of security policies, procedures, and controls. This role is critical in helping maintain the confidentiality, integrity, and availability of the bank’s information systems and data. In addition, this position will assist with performing audits for Bravera Holdings Corp. & Subsidiaries, remaining independent and objective while assessing compliance with controls, policies/procedures, and regulations.

Measures Of Success

• Contribution to successful regulatory or external audit outcomes.
• Security awareness training to prevent cybersecurity incidents.
• Attention to detail
• Strong Communication – written and verbal
• Willingness to learn, work independently, and ask questions
  
  

Duties And Responsibilities

• Assist the ISO in implementing and maintaining the bank’s information security program. This includes Information Security, Information Systems, Access Control, Incident Response Plan and Vendor Management Program.
• Assist with vendor risk assessments and third-party due diligence. (includes vendor risk assessment, due diligence, ongoing monitoring, proper documentation and reporting, and contracts)
• Ensure appropriate administrative, physical, and technical safeguards are in place to protect information assets from internal and external threats.
• Information Security Monitoring (Firewall, core system, internet banking platforms, etc.)
• Coordinate phishing simulations, security awareness campaigns, and training for security awareness month.
• Evaluate and recommend information security technologies to countermeasures against threats to information or privacy.
• Monitor, analyze and report on internal/external threats, cyber-crimes, and critical third-party vendor risks. Stay updated on the latest security trends and technologies to enhance the organization's security posture.
• Assist with annual access control review.
• Assist with Incident Response functional testing for appropriate staff.
• Assist with Information Technology Risk Assessments.
• Assist with CRI Profile, CIS Controls, and PCI compliance reviews/updates.
• Lead Clean Desk and Fedline Audit.
• Monitor Phishlabs, Information Security Committee & Abuse email accounts.
• Will assist with examinations of Federal Regulators, external and internal audits, and investigations of fraud as requested. (Including evidence collection and remediation tracking)
• Work with IT teams to ensure security measures are integrated into the organization's infrastructure.
• Must maintain a high level of confidentiality and professionalism regarding all employee and customer issues and information.
• The employee will adhere to all rules and regulations, including but not limited to the requirements of the Bank Secrecy Act. In addition, the employee will be proactive in the prevention of illegal activities, will vigilantly look for activities that may constitute any type of fraud including money laundering, and will report any suspicious activity to the BSA Officer.
• Will assist with special projects and new technology initiatives, as requested.
• Stay current on emerging threats, vulnerabilities, and regulatory changes.
• Contribute to the overall success of the organization.
• Responsibilities require a high degree of accuracy and strong communication skills.
• Earn and maintain the respect and trust of people. Display honesty, integrity, and morality.
• Must be able to efficiently organize work assignments in order to meet deadlines.
  
  

Secondary Duties And Responsiblities

• Create a monthly/quarterly fraud report.
• Will assist with internal audits and FDICIA Testing.
  
  

Qualifications (knowledge, Skills And Abilities)

• Education: Bachelor’s degree in Computer Science, Information Technology, Management Information Systems, Cybersecurity or related field (or equivalent experience).
• 2+ years of experience in cybersecurity, Information Security, or Information Technology (banking or financial services preferred).
• Familiarity with cybersecurity/regulatory frameworks such as FFIEC, GLBA, NIST, or CRI Profile.
• Obtain and keep current professional certification and training, as required. (Certified Community Bank Technology Officer, Certified Banking Vendor Manager)
  
  

LOCATION:

Any of Bravera's locations in Montana, North Dakota or Minnesota.

Benefits

To support this, we provide a competitive and rewarding compensation package which includes a competitive salary, incentive compensation opportunities, retirement plan with company match, health insurance, paid holidays, paid time off (PTO), paid community volunteer time and stock opportunities. As a learning organization, we are committed to investing in the growth and development of our team members, offering training opportunities and tuition reimbursement.

Our Values

• Give and earn trust. We support and empower one another to earn trust through accountable performance.
• Learn, teach and mentor. We are a learning organization that invests in growth and development.
• Collaborate and innovate. We work together to drive continuous improvement to enhance your experience.
  
  

Want to learn more about careers with Bravera? Go to bravera.bank/careers.

#ForgeYourPath with us! Find us on Facebook, Instagram, X, LinkedIn, Youtube, and Tik Tok.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities.

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing or action, including an investigation conducted by the employer or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c).