Information Security Analyst - Cyber Resilience

This role is responsible for the daily operations and enhancement of programs and disciplines aligned with Trustmark's cyber resilience efforts. Candidate's for this role will be responsible for ensuring timely response to cyber incidents and disasters and tracking these issues through remediation in compliance with corporate policies. Cyber Resilience analysts ensure Business Units have plans in place to deal with sustained outages impacting critical banking applications.

This position may be filled as a Level I, II or III. Additional responsibilities and qualifications apply.

Assist with coordination and documentation of incidents
• Assist with conducting Business Impact Assessments and Continuity Plan development
• Review vendor risk questionnaires for adherence to cybersecurity best practices
• Conduct reviews of Insider Threat alerts and escalate to senior team members as necessary
• Development and maintenance of Information Security Policy and Standards for Trustmark
• Responsible for capturing KPIs associated with the Cyber Resilience team.
• Responsible for periodically requesting information and meeting with lines of business to review information Security risks.
• Assist in the coordination and documentation of responses to both internal and external audits involving Cyber Resilience
• Assist with research of information security issues, documentation, and reporting
• Perform Additional duties as assigned

Level II Additional Responsbilities:

• Development and maintenance of Information Security Policy and Standards for Trustmark
• Responsible for capturing KPIs associated with the Cyber Resilience team.
• Responsible for periodically requesting information and meeting with lines of business to review information Security risks.
• Lead the coordination and documentation of responses to both internal and external audits involving Cyber Resilience
• Research of information security issues, documentation, and reporting
• Perform Additional duties as assigned.

Level III Additional Responsibilities:

• Responsible overseeing Information Security reporting to senior management, including assisting the management team with creating the required Annual Information Security Report to the designated Board Committee
• Responsible for completing large scale changes to cyber resilience related policies and standards
• Responsible for proactively monitoring incidents throughout their lifecycle and coordinating the implementation of enhancements to the incident response process.
• Provides a forum for review, counsel, education and communication of Information Security Policies and Standards to all personnel
• Responsible for leading in the research and review of security incidents

Information Security Analyst I - Cyber Resilience Qualifications:

• Bachelor's Degree or 3 years of equivalent work experience in related Information Technology or Information Security required
• General knowledge of Federal Regulations, relative to incident reporting timelines
• Knowledge and work experience in Incident Response
• General knowledge of Business Continuity & Disaster Recovery best practices.
• General knowledge and experience developing and implementing policy and standards
• General knowledge of network infrastructure, client/server policies, and operating systems
• Oral communication skills
• Report writing skills with creating/maintaining information security policy and management reports
• Detail oriented
• Analytical skills
• Organizational skills
• Independent judgment
• Relevant industry certifications preferred
• Work experience and knowledge of End User Computing systems preferred
• Work experience in banking preferred

Information Security Analyst II - Cyber Resilience Qualifications:

• Bachelor's degree and 4 years of equivalent work experience in related Information Technology or Information Security
• Work experience and knowledge of End User Computing systems
• Work experience in conducting Business Impact Assessments
• Extensive experience in conducting cyber investigations and forensic analysis
• Comprehensive knowledge of Federal Regulations, relative to Information Security Risk Assessments
• Knowledge and work experience in Information Technology
• Broad knowledge of network infrastructure, client/server policies, and operating systems
• Advanced knowledge of Microsoft Suite tools
• General understanding of Information Security tools related to Information Security Functions (DLP, PAM, IAM, etc.)
• Master's degree in relevant field preferred
• Policy writing / management reporting experience preferred
• Security certifications (CISSP, CISA, CRISC, CISM, etc.) preferred

Information Security Analyst III - Cyber Resilience Qualifications:

• Bachelor's degree in a related field and at least 6 years of Information Security specific experience required
• Experience in policy creation and maintenance writing
• Work experience and knowledge of Network devices
• Knowledge and experience developing and implementing policy and standards
• Specific knowledge of various regulations governing security of customer information and in particular the Interagency Guidelines Establishing Standards for the Safeguarding Customer Information
• Writing skills involved with creating/maintaining information security policy and procedure
• Extensive knowledge of Microsoft Office (Word, Excel, PowerPoint, etc.)
• Extensive knowledge or experience (or training) in Risk Assessment processes

Physical Requirements/Working Conditions: Must be able to sit for long periods of time and use computer keyboard and/or mouse, while viewing computer screens.

Note: This is a brief description of this position and is not limited to those described herein. Management retains the right to add, delete or modify any of these responsibilities at any time during employment.

Trustmark Bank does not accept unsolicited resumes from agencies and/or search firms for any job postings on this site. Resumes submitted to any Trustmark Bank employee by a third-party agency and/or search firm without a valid, written search agreement signed by Trustmark, will become the sole property of Trustmark Bank. No fee will be paid if a candidate is hired for a position as a result of an unsolicited agency or search firm referral.