IT Information Security Analyst II
Job Location: Silver Spring, MD
Eagle Bancorp, Inc., headquartered in Bethesda, MD, was incorporated in 1997 to serve as the bank holding company for EagleBank. Eagle Bancorp is a publicly traded company under the symbol EGBN. EagleBank commenced banking operations on July 20, 1998, and currently operates 20 banking offices: six in Suburban Maryland; five located in the District of Columbia; and nine in Northern Virginia. The Bank was founded to specifically address the business and personal needs of local business owners. It has been answering and exceeding those needs for over 20 years, providing custom financial solutions, local access to senior management, quick response, local decision-making, and a deeply rooted dedication to the local community.
Our Mission is to be the most respected and profitable community bank by putting relationships first to the delight of our customers, employees, and shareholders, and relentlessly delivering the most compelling service and value. EagleBank’s Values are: Relationships F·I·R·S·T: Flexible, Involved, Responsive, Strong, and Trusted.
The Information Security Analyst II is responsible for monitoring, analyzing and maintaining EagleBank’s technical security controls in support of EagleBank’s Information Security Program. This role will be focused on performing advanced triage and detailed analysis of security events in EagleBank’s technology environments and integrating risk-based threat intelligence into the operational environment. The role also supports the ability to maintain assurance in our technical security controls so that risks to the confidentiality, integrity and availability of EagleBank’s information systems and infrastructure are sufficiently mitigated, which in turn supports the bank’s operational goals. Assists with end user support as needed and assists other information security analysts.
MAJOR DUTIES AND RESPONSIBILITIES:
- Advanced monitoring of the day-to-day operation of Security Information and Event Management (SIEM) and Network Anomaly Detection and other security control tools. Provides input into the daily security SOC report.
- Works on alerts assigned to the EagleBank Security Team from our outsourced managed SIEM monitoring provider as a Tier-2 advanced support person and on ServiceNow tickets sent to the security helpdesk.
- Ensures effective network monitoring, log management and log analysis from a variety of network sensors to investigate suspect network activity.
- Interprets raw network traffic (e.g. packet capture) and determines whether activity is legitimate.
- Provides technical security assistance to junior analysts and works jointly with engineers, where required.
- Assists in operating all technical security systems and their corresponding or associated user/analyst interfaces, including web proxy filtering systems, host- and client-based firewalls, intrusion detection/prevention systems, endpoint security systems, anti-malware and anti-virus software to monitor network activity.
- Conducts investigations and prepares comprehensive reports with timely escalations to Network or Security Engineer for review.
- Remains informed on trends and issues in the security industry, including current and emerging technologies.
- Bachelor’s degree in Computer Science or Information Systems, Information Technology or related focused technical training or, in lieu, 4 additional years of engineering and project management experience.
- 4 years of related experience in Information Security, with at least 2 years of Security Engineering or Security Administration preferred.
- Familiarity with security tools (Vulnerability Management, SIEM, Endpoint Security, Web proxies, etc.)
- 6 years of Security Engineering or Security Administration preferred
- Familiarity with security tools (Application Security, Pen Testing, Network Anomaly Detection, email gateway, etc.)
Required Certifications, Licenses or systems needed:
- CompTIA Security+
- One of the following:
  - SANS GIAC Certifications
    - GISF: GIAC Information Security Fundamentals
    - GSEC: GIAC Security Essentials Certification
    - GOEC: GIAC Operations Essentials Certification
  - Certified Network Defender (CND) or Ethical Hacker (CEH)
Preferred Certifications, Licenses or systems:
One or more of the following certifications (or equivalent) in addition to the above preferred:
- SANS GIAC Certifications such as
  - GPPA: GIAC Certified Perimeter Protection Analyst
  - GCIH: GIAC Certified Incident Handler
  - GPEN: GIAC Penetration Tester
- Cisco Certified Network Associate Security (CCNA Security)
- Certified Network Defender (CND) or Ethical Hacker (CEH) or Certified SOC Analyst (CSA)
Required Knowledge & Skills:
- Knowledge of TCP/IP networking: networking topology, protocols and services.
- Advanced knowledge of Microsoft and Linux operating systems.
- Knowledge of security best practice standards such as the Center for Internet Security (CIS) Top 20 Critical Security Controls or equivalent.
- Knowledge of SIEM tools like LogRhythm, vulnerability management tools like Rapid7 Nexpose or equivalent.
- Good working knowledge of Microsoft Office applications and other software applications as required.
- Broad knowledge of computer networking technology.
Preferred Knowledge & Skills:
- Knowledge and experience of Unified Threat Management, SIEM technologies, Virtualization, Windows Desktop and Server operating systems, firewall technologies, application layer security controls, and IDS/IPS technologies.
- Knowledge of NBA or UEBA tools.
- Familiarity with security best practice standards such as ISO 27001, PCI-DSS, FFIEC Regulatory Cybersecurity Standards, FIPS, ITIL and COBIT or equivalent.
- Knowledge of security best practice standards such as the NIST Cybersecurity Framework or equivalent.
OTHER JOB REQUIREMENTS:
- Ability to work extended hours, when necessary, to support operational requirements.
- Availability for participation in on-call rotation.