IT Security Analyst

At Community Financial System, Inc. (CFSI), we are dedicated to providing our customers with friendly, personalized, high-quality financial services and products. Our retail division, Community Bank, N.A., operates more than 200 customer facilities across Upstate New York, Northeastern Pennsylvania, Vermont and Western Massachusetts. Beyond retail banking, we also offer commercial banking, wealth management, investment management, insurance and risk management, and benefit plan administration.

Just as our employees are committed to helping our customers manage their finances, we're committed to our employees. After all, they make it happen for our customers every day.

To ensure our people can enjoy long and successful careers here at CFSI, we offer competitive compensation, great benefits, and professional development and advancement opportunities. As an equal-opportunity workplace and affirmative-action employer, we celebrate and support a diverse workplace for the benefit of all: our employees, customers and communities.

The function of this position is to independently analyze, design, and implement information security solutions to protect organizational assets. Exercise discretion and independent judgment in evaluating security risks, developing protocols, and making recommendations to management regarding security strategy and incident response. This may include but is not limited to log review, user requests, procedure creation, network scanning, security application oversight, vendor security reviews, project management, security alert investigations, risk analysis and incident response.

Essential Responsibilities:

• Conduct independent risk assessments and vulnerability of PCs, Servers, Network and endpoint systems. Develop and implement remediation strategies and report findings directly to management, as assigned.
• Assist in the vendor security and user access review processes.
• Support vendor security reviews and the user access provisioning/deprovisioning process.
• Monitor, analyze and respond to submissions to the phishing mailbox for analysis and escalate when needed.
• Advise management on emerging security threats and recommend technology solutions to mitigate risks. Provide backup for other members of the department to help fulfil their responsibilities including log review/analysis, application support, project follow-ups, etc.
• Utilize Information Security test environment to investigate suspicious emails/files as assigned.
• Monitor network traffic and security alerts, investigate anomalies, and escalate incident response concerns as needed.
• Assist with security incident investigations, root cause, and recommend corrective actions when applicable.
• On-going responsibility to support and assist members of the department and IT in virus/malware detection and prevention efforts.
• Participate in Audit and Regulatory reviews providing analysis and recommendations, as assigned.
• Manage and/or participate in IT/Information Security projects, as assigned.
• Identify opportunities for process improvement and automation, leveraging AI and other technologies to enhance department efficiency.
• Document and verify compliance of department procedures.
• Review Endpoint Security System activity and investigate as necessary.
• Participate in the rotation of team operational duties.
• Participate in the on-call rotation for after-hours support (evening, nights, weekends, holidays)
• Maintain proficient knowledge of and demonstrate ongoing compliance with all laws and regulations applicable to this position, ensure ongoing adherence to pertinent policies, procedures, and internal controls, and meet all job-specific training requirements in a timely fashion.
• Develop a training routine for your ongoing professional development (i.e. online training, conferences, certifications).
• Maintain proficiency in AI related technologies and assist members of the team with identifying how they can be applied to the department and company with a focus on efficiency and automation.
• Analyzing and evaluating security risks and recommending technical and procedural controls.
• Participating in the development and modification of security programs and configurations.

Ancillary Duties:

As an integral member of the Risk Department, this position is also responsible to provide assistance wherever necessary to help the department and the bank in achieving their goals.

Education/Training:

• Bachelor's Degree required in Information Security, Cybersecurity, Information Technology or equivalent experience

Skills:

• Strong reading, writing, mathematics and analytical skills. Excellent interpersonal and communication skills. Exceptional decision-making skills, demonstrating a high level of judgement and autonomy in daily responsibilities. Knowledge of current corporate network systems and their related security administration. Ability to work independently and collaboratively in a team environment with minimal supervision.

Experience:

• 1+ years Information Security / Cybersecurity Experience or
• 3+ years Information Technology Experience with Security focus
• Financial Industry Experience is desired but not required

Hours: Fill In hours/week

Compensation: Commensurate with experience plus potential for annual merit increase. In addition to your competitive salary, you will be rewarded benefits including: 11 paid holidays, paid vacation, Medical, Vision & Dental insurance, 401K with generous match, Pension, Tuition Reimbursement, Banking discounts and the list goes on!

Physical Requirements:

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee may be required to stand, walk or sit. Use hands and fingers, handle or feel, reach with hands or arms, and speak and hear. The employee may occasionally be required to lift and or move up to 25 pounds. Specific vision abilities required by this job include close vision, and the ability to focus.

The Company is an Affirmative Action, Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, sexual orientation and gender identity), national origin, citizenship status, age, disability, genetic information, veteran status, or any other characteristic protected by applicable federal, state or local law.

The Company will make reasonable accommodations for qualified individuals with a disability. If you have a physical or mental impairment and would like to request an accommodation with respect to the application process, please contact the Human Resources Department.