H

Cybersecurity Analyst

Job Description - Cybersecurity Analyst



Full-time


Description

Position Summary

The Cybersecurity Analyst is responsible for protecting the bank's information assets, systems, and data through proactive threat analysis, security operations, and compliance with applicable regulatory and industry frameworks. This role serves as a key contributor to Heritage Bank's information security program, with ownership of information security management alignment, AI security governance, and continuous monitoring. Working closely with the VP of Information Technology and in close partnership with the Network Security Engineer, this position ensures the confidentiality, integrity, and availability of bank systems while fostering a culture of security awareness across the organization.

Core Responsibilities

Security Operations & Threat Management

  • Monitor SIEM systems and alert on anomalies, threats, and policy violations
  • Define detection rules and policies for IDS/IPS; own EDR and email security controls
  • Own the vulnerability management program: coordinate assessments, assign risk ratings, and track remediation with the Network Security Engineer
  • Perform threat intelligence analysis and translate findings into defensive action
  • Lead security analysis and forensic response during incidents; coordinate network-level containment with the Network Security Engineer
  • Define patching strategy and standards; partner with the Network Security Engineer on execution

Information Security Management & Regulatory Compliance

  • Own alignment to information security management standards and best practices
  • Maintain the ISMS including risk register, statement of applicability, and control documentation
  • Coordinate internal audits and gap analyses against applicable cybersecurity frameworks and FFIEC guidance
  • Support regulatory examinations; prepare and present security posture documentation
  • Develop and maintain security policies, standards, and procedures
  • Govern access control policies and conduct privilege access reviews with the Network Security Engineer

AI Security & Emerging Technology Risk

  • Develop and maintain the bank's AI security framework, governing the secure adoption and use of AI/ML tools and platforms
  • Assess risks associated with generative AI, third-party AI integrations, and internal AI-assisted workflows
  • Define controls for AI model governance including data privacy, bias risk, adversarial inputs, and output integrity
  • Evaluate AI vendor security practices and ensure appropriate contractual and technical safeguards are in place
  • Monitor the evolving AI threat landscape and provide guidance on emerging risks to leadership
  • Partner with business units to establish acceptable use policies for AI tools in alignment with bank risk appetite

Security Awareness & Training

  • Design and deliver ongoing security awareness training for all bank staff, including phishing simulations
  • Serve as a subject matter expert for staff on cybersecurity best practices and emerging threats
  • Promote a security-first culture in alignment with Heritage Bank's values

Third-Party & Vendor Risk

  • Conduct cybersecurity due diligence on third-party vendors and technology providers
  • Review vendor security assessments (SOC 2, penetration tests, questionnaires) and escalate gaps
  • Provide cybersecurity risk assessments to inform vendor onboarding decisions; collaborate with procurement and the Network Security Engineer on ongoing third-party risk monitoring

Documentation & Reporting

  • Maintain accurate security documentation including risk registers, incident logs, and audit evidence
  • Produce regular cybersecurity metrics and reporting for IT leadership and senior management
  • Define security requirements for disaster recovery and business continuity plans; support testing and validation in partnership with the Network Security Engineer

Bank Standards

At Heritage Bank, we are committed to a customer-centric, service-driven culture. We operate under the following core standards:

  • Mission: Help people succeed financially.
  • Ethics: Always do the right thing. 
  • Solutions: Bring innovative solutions to challenges. 
  • Ownership: Take accountability and learn from our mistakes. 
  • Positivity: Bring energy and enthusiasm to everything we do. 

Compensation & Benefits

Get ready to be rewarded! Full-time team members enjoy a comprehensive benefits package including paid time off, paid holidays, and even paid volunteer days. Your health is covered with medical, dental, and vision insurance, plus plan for your future with our 401(k) and ESOP retirement plans. Enjoy additional benefits and incentives consistent with our company policy. Join us and discover how rewarding your career can be!

Disclaimer

This job description outlines the general nature of the role and is not intended to be all-inclusive. Duties, responsibilities, and benefits may change as business needs evolve. Employment is at will, meaning either the employee or the Company may end the employment relationship at any time, consistent with applicable law.  

We are an Equal Opportunity Employer and value diversity at all levels of the organization.


Requirements

Education & Experience

  • Bachelor’s degree in Information Technology, Computer Science, Cybersecurity or related field (or equivalent experience) 
  • 5+ years of experience in: network engineering, IT infrastructure or cybersecurity operations. Preferably in financial services or a regulated industry. 

Technical Skills

  • Strong knowledge of routing and switching (Cisco, Aruba, or similar) 
  • Experience with firewalls (e.g., Fortinet, Palo Alto, Cisco ASA) 
  • Familiarity with VPNs, VLANs, QoS, and network segmentation 
  • Understanding of cloud networking (Azure/AWS)
  • Knowledge of cybersecurity principles and frameworks 

Key Competencies

  • Strong problem-solving and analytical skills 
  • Ability to work independently and manage multiple priorities 
  • Excellent communication skills for both technical and non-technical stakeholders 
  • High attention to detail and commitment to security and compliance 
  • Proactive mindset with a focus on continuous improvement 

Work Environment & Expectations

  • On-call availability for critical incidents and maintenance windows 
  • Occasional travel to branch locations 
  • Ability to work in a fast-paced, highly regulated environment 

Original job Cybersecurity Analyst posted on GrabJobs ©. To flag any issues with this job please use the Report Job button on GrabJobs.
Share Job
Share Job

Similar Cybersecurity Analyst Jobs in the US

GrabJobs is the no1 job portal in the US, connecting you to thousands of jobs fast! Find the best jobs in the US, apply in 1 click and get a job today!

Mobile Apps

Copyright © 2026 Grabjobs Pte.Ltd. All Rights Reserved.