IT Information Security Operation Analyst

About the Role

We are seeking a seasoned Senior IT Information Security Operations Specialist for a leading international banking institute in New York City. This role demands a strategic thinker with comprehensive knowledge of information security practices and a proven track record of executing and maintaining security operations in a fast-paced, regulated environment. The ideal candidate will have 5-10 years of experience within the banking industry. Fluency in both English and Mandarin is highly desired to facilitate seamless communication across global teams.

Key Responsibilities

• Lead and Manage Security Operations:
  

  • Oversee day-to-day security operations, including monitoring, incident response, vulnerability management, and security assessments.
    
  • Manage and optimize security tools and technologies such as firewalls, IDS/IPS, SIEM systems, antivirus solutions, and encryption protocols.
    

• Regulatory Compliance:
  

  • Ensure compliance with federal and state regulatory requirements (e.g., FFIEC, GLBA, NYDFS, PCI-DSS, GDPR).
    
  • Prepare and present audit and compliance reports to internal and external stakeholders.
    

• Network and Infrastructure Security:
  

  • Design and implement security strategies for network, cloud, and endpoint protection.
    
  • Conduct security audits and penetration testing to identify and mitigate risks.
    

• Backup and Patch Management:
  

  • Manage backup and disaster recovery solutions to ensure data integrity and availability.
    
  • Oversee patch management to address vulnerabilities promptly.
    

• Risk Assessment and Mitigation:
  

  • Perform IT risk assessments, identify vulnerabilities, and develop mitigation plans.
    
  • Collaborate with IT and business teams to ensure security measures align with business objectives.
    

• Collaboration and Communication:
  

  • Work closely with internal IT teams, business units, and external partners to implement security policies and procedures.
    
  • Communicate security risks and action plans effectively to both technical and non-technical audiences.
    

• Continuous Improvement:
  

  • Stay updated on emerging security threats and best practices.
    
  • Recommend and implement enhancements to strengthen the security posture.
    

Required Qualifications

• Experience: 5-10 years of IT security experience within the banking industry.
  
• Education: Bachelor’s degree in Information Security, Computer Science, or a related field. Advanced certifications such as CISSP, CISM, or CISA are preferred.
  
• Regulatory Knowledge: Strong understanding of federal and state regulatory requirements affecting the banking sector.
  
• Technical Expertise:
  • Proven experience in network security, backup solutions, patch management, and IT risk assessments.
    
  • Hands-on experience with security tools like firewalls, SIEM, IDS/IPS, DLP, and antivirus systems.
    
• Languages: Fluency in both English and Mandarin is highly desired.
  
• Communication Skills: Excellent verbal and written communication skills with the ability to interact with diverse teams globally.
  
• Certifications: Security certifications such as CISSP, CISM, CEH, or similar are a plus.
  

Key Competencies

• Strategic thinking and problem-solving skills.
  
• Ability to work independently and lead cross-functional teams.
  
• Strong organizational skills and attention to detail.
  
• Ability to manage multiple projects and prioritize effectively.