Location: Mineola, NY
About Us:
Hanover Bank– When you love your work and the people you work with, careers are made!
Embracing diversity, valuing inclusion and showing respect are the foundation upon which we build our team. At Hanover Bank, inclusion means respecting personal beliefs and appreciating that we all have perspectives that matter. We are stronger together as we move toward a shared vision of personal and corporate growth.
Whether you are just starting out or a seasoned professional, working for Hanover Bank can launch you on a path to success. With a passion for excellence, we strive to deliver exceptional service to our clients, foster a positive impact in the communities in which we work and live and help our team members achieve their professional goals.
When you work with us you are empowered, engaged and encouraged to collaborate because every voice matters, every person counts!
Job Summary:
Hanover Bank is looking for a full-time Information Security Analyst to join our team.
Job Duties & Responsibilities
- Program Maintenance: Assist the ISO/ISM in developing and maintaining an Information Security Program aligned with GLBA, FDICIA, SOX, FFIEC, FACTA, and the NYDFS 23 NYCRR 500.
- Regulatory Monitoring: Stay current on global and regional financial regulations and technology trends to ensure proactive compliance and program evolution.
- Audit Management: Serve as a point of contact for internal and external audits, ensuring timely and accurate responses to all requests.
- Enterprise Assessments: Develop and maintain security risk assessments that evaluate inherent risks, control effectiveness, and residual risk levels.
- Asset Management: Implement and maintain a comprehensive, documented information system asset inventory as required by 2025 NYDFS updates.
- Vendor and Project Risk: Evaluate security controls during vendor selection (Third-Party Risk Management) and consult on new product development to ensure "security by design".
- Data Classification: Partner with various business units to classify data according to sensitivity and ensure appropriate handling protocols.
- Threat Detection: Maintain and tune security tools to monitor for vulnerabilities and potential breaches, providing real-time alerting for the Bank's network.
- Access Control: Administer identity and access management (IAM) protocols, including the enforcement of Multi-Factor Authentication (MFA) and regular reviews of privileged access.
- Remediation: Collaborate with Information Technology teams to remediate identified security issues and review technical changes for adherence to best practices.
- Incident Management: Coordinate incident response planning, including the development of alerting and escalation procedures and managing the response to active security events.
- Business Resilience: Manage and oversee the Bank’s Business Continuity Plan (BCP) and Disaster Recovery (DR) program, including leading annual Business Impact Analyses (BIA) and recovery testing.
- Security Education: Handle the execution of the security awareness program by creating educational content, conducting phishing simulations, and delivering presentations on employee obligations.
- Strategic Reporting: Produce security KPI metrics and trend analysis reports for management to demonstrate the current state of the Bank's security posture.
Professional Requirements:
Education
- Bachelor’s Degree: Required in Computer Science, Cybersecurity, Information Technology, or a related technical field. Equivalent professional experience may be considered.
Certifications
- Foundational (Required): Must possess or be actively working toward a foundational security certification such as CompTIA Security+, ISC2 Certified in Cybersecurity (CC), or SSCP.
- Advanced (Preferred): Possession of, or eligibility for, advanced certifications such as CISSP (Associate status acceptable), CRISC, or CISA is highly desirable.
Experience
- Minimum Experience: 1–3 years of experience in information security, IT auditing, or network administration, preferably within the financial services sector
- Technical Proficiency: Demonstrated experience with security technologies (firewalls, IDS/IPS, SIEM, EDR) and a solid understanding of GRC (Governance, Risk, and Compliance) frameworks
Skills and Abilities:
- Communication Skills: Strong interpersonal skills with the ability to effectively communicate complex technical concepts to non-technical stakeholders (e.g., Board members, employees).
- Analytical Abilities: Excellent problem-solving, analytical skills, and detail-oriented approach to all tasks.
- Technical Proficiency: Strong technical knowledge across core security domains:
- Infrastructure: Network security, cloud security, and endpoint protection.
- Operations: Security Information and Event Management (SIEM) and Security Operations Center (SOC) systems.
- Development: Application security principles.
- Adaptability: Ability to adapt to evolving information technology and threat landscapes.
- GRC Capabilities: Proven ability to perform vendor and system cybersecurity risk assessments.
- Program Management:
- Experience running information security awareness and training programs.
- Experience planning and coordinating business continuity and disaster recovery tests.
- Time Management: Ability to prioritize and execute tasks efficiently within required time frames.
Our Benefits:
Health & Wellness Benefits
· Medical, Dental, and Vision insurance (with HSA, FSA, and Commuter Benefits options)
· Company-paid Life Insurance and Accidental Death & Dismemberment (AD&D)
· Company-paid Long-Term Disability Insurance
Voluntary Benefits
· Additional Life and AD&D Insurance for employee, spouse, and dependents
· Voluntary Short-Term Disability Insurance
· Pet Insurance
· Legal Services Plan
· Accident Insurance
· Hospital Indemnity Insurance
· Cancer Care Insurance
Retirement
· 401(k) Plan with Company Match
Time Off & Recognition
· Paid Personal Time Off (PTO)
· Paid Company Holidays
· Annual Performance Bonuses
· Annual Salary Increases
Employee Engagement
· Company-sponsored Events
· Employee Contests and Recognition Programs
*As a part-time employee, you may not be eligible for all of the above benefits. (include this if it is a part-time position).
Hourly Rate: $38-42/ hour; placement within this range will vary based on experience and skill level.
Hanover Bank is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender, national origin, disability or protected veteran status.