From its humble beginnings since its founding in 2001, Westfield Bank has become one of the leading financial institutions in Northeast Ohio. With a Five-Star Superior rating from BauerFinancial, the bank provides comprehensive personal, business, and agency banking products and services. Supported by Westfield Insurance, one of the nation’s 50 largest property and casualty insurance groups, Westfield Bank has grown to manage more than $1 billion in assets. The group’s motto is “Sharing Knowledge. Building Trust.” – a message and commitment lived out each day by employees across the country. The center of the bank’s business model revolves not around profits or numbers, but through personal relationships and close contact with its customers. All Westfield companies stress the importance of hiring quality employees, as well as developing them and empowering each employee to be the best they can be, both in their work and in their life. As an employee of Westfield Bank, you will have the opportunity to not only create peace of mind for our customers, but to grow your career in one of the best workplaces in Northeast Ohio. Information Security Risk Analyst Job Summary
The Information Security Risk Analyst, working under minimal supervision, will support the Bank’s information security risk management process to ensure information and assets are adequately protected. The Information Security Risk Analyst will identify, develop, implement, and maintain controls and processes across the Bank to mitigate the risk of internal and external threats to information assets and technologies. This role will be a critical contributor to the Bank’s information security incident response program, the Information Security Oversight Committee (ISOC) activities, and will help establish appropriate standards and controls in accordance with established policies and procedures.
Essential Functions (primary functions and/or reasons the job exists in order of importance)1. Identifies and monitors information security risk in accordance with FFIEC guidance by performing logical/physical risk assessments, including the identification and evaluation of potential threats and vulnerabilities that could impact the Bank’s information, applications or infrastructure and recommends mitigating controls to reduce the Bank’s risk profile in regards to confidentiality, availaibility and integrity of information assets.2. Serves as a key member of the Bank’s information security incident response program, including assisting with the facilitation of exercises and tabletops to validate and improve the performance of the information security incident response plans and processes. 3. Collaborates with IT to respond to incidents identified through IT monitoring and identification of intrusion attempts.4. Helps coordinate and collaborate on periodic systems vulnerability assessmentsincluding those related to social engineering.5. Investigates and reports information security related risk incidents and potential suspicious or fraudulent activity to the BSA Officer. Assists with case investigations as necessary. 6. Promotes information security awareness through education programs or campaigns. Assists with or leads training activities that promote the information security program and the security incident response process to all levels of the organization.7. Works proactively to establish and maintain good working relationships with the Bank’s internal/external IT teams and service providers to ensure compliance with all requirements and to maximize service provider relationships. 8. Identifies and tracks metrics and scorecards that represent the current state of the Bank’s information security program based on expectations determined by the Information Security Oversight Committee (ISOC).9. Provides assistance to internal and external auditors/examiners for information security related audits and findings.10. Serves as a key member of ISOC and works with the Information Security Officer (ISO) to set the ISOC agenda.11. Participates in activities with the Legal Department involving e-discovery data collection tasks, coordinating information security investigations, coordinating computer forensics activities and the organization and presentation of electronic forms of evidence. 12. Contributes to the development of policies or procedures in collaboration with the ISO, Risk Management and Compliance Officer, General Counsel, and BSA Officer, particularly when there are changes in the legal or regulatory environment. 13. Maintains awareness, understanding and compliance with the Bank’s internal policies and procedures, laws and regulations appropriate for this position.
Desired Qualifications/Experience/Certification/Education (in order of importance)1. 5 or more years of demonstrated information security experience. 2. Certification in one or more of the following; Certified Information Systems Security Professional (CISSP), Certified Information Secuity Manager (CISM), Certified Information Security Auditor (CISA), or other equivalent certifications. 3. Understanding of current information security techniques and technologies as well as the methods used in performing risk analyses and assessments. 4. Bachelor’s Degree in Computer Science, Information Systems or related technical field or commensurate experience.5. Skill with office automation tools including the Microsoft Suite of Tools6. Excellent oral, written and interpersonal skills, resulting in the ability to interact with all levels of management, employee population, and vendors.7. Ability to understand and communicate effectively with executive and senior leadership regarding regulatory expectaions associated with with information security requirements8. Ability to provide after hours/ weekend support on a required rotational basis. 9. Valid driver’s license and a driving record that conforms to company standards.
Physical Requirements (specific to the role) The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. • Ability to work effectively in an office environment for 40+ hours per week (including sitting, standing and working on a computer for extended periods of time).• Ability to communicate effectively in a collaborative work environment utilizing various technologies such as: telephone, computer, web, voice, teleconferencing, e-mail, etc.• Ability to respond to emergency service calls at any time outside of normally assigned work hours.• Ability to travel as required.
This job description describes the general nature and level of work performed in this role. It is not intended to be an exhaustive list of all duties, skills, responsibilities, knowledge, etc. These may be subject to change and additional functions may be assigned as needed by management. Westfield offers a Total Rewards program that focuses on compensation, benefits, and wellness and includes perks like 401(k), pension plan, annual incentive, education reimbursement, onsite fitness center and casual dress. Work-life balance, recognition, and learning and career development are all part of a rewarding career with Westfield Bank. To learn more about Westfield Bank and the opportunities available, please visit us at westfield-bank.com.
We are an equal opportunity employer/minority/female/disability/protected veteran.