FUNCTION: Responsible for the daily supervision, execution, and effectiveness of the Bank’s Information Security Program the InfoSec team is responsible for a variety of functions in support of Risk Management’s mission to protect the confidentiality, integrity and availability of Bank assets and information. This is accomplished by identifying the assets and their associated threats, and by minimizing risks through the application of preventive, detective, and corrective controls.

　　Accountabilities

　　Monitors Bank security systems for alerts and conducts appropriate investigations to their conclusion.

　　Monitors Bank systems (Operations, IT, etc) for anomalies and conducts appropriate investigations to their conclusion.

　　Develops standards, procedures, and documentation for information security policies, systems, and practices.

　　Assists in overseeing the Bank’s Vulnerability Management Program

　　Assists in overseeing the Bank’s Data Loss Prevention Program

　　Assists in overseeing the Bank’s Phishing Prevention Program

　　Assists in the facilitation of system risk assessments.

　　Provides guidance to Bank departments on maintaining compliance with information security policies.

　　Identifies direct non-compliance or general weaknesses the Bank’s information security posture and provides recommendations on improvements.

　　Participates in the Bank’s Incident Response and Forensics Program.

　　Stays current on Cyber and Information security trends and news.

　　Makes an effort to continue their education in the Cyber and Information security field.

　　Intentionally socializes with Bank personnel to ensure the Information Security department is a welcoming presence within the Bank.

　　General

　　Interacts harmoniously and effectively with others, focusing upon the attainment of bank goals and objectives through a commitment to teamwork.

　　Assists in ensuring that the Bank is in compliance with local, state and federal regulations.

　　Conforms to acceptable punctuality/attendance standards as expressed in the Employee Handbook

　　Must be able to work in a fast-paced environment with demonstrated ability to juggle multiple competing tasks and demands.

　　Skills/Knowledge

　　College Degree or equivalent in education and work experience required.

　　InfoSec, I.T, and/or Risk Management experience, preferably in the Banking industry.

　　Strong analytical skills and ability to handle complex problems required.

　　Strong written and verbal communication skills required.

　　Knowledge in GLBA, PCI, FACTA regulations preferred.

　　Strong understanding of security tools (DLP, Stateful Firewalls, IDS/IPS, EDR) required.

　　Strong understanding of networking protocols preferred.

　　Strong understanding of Windows and Linux operating systems and their management solutions preferred.

　　Knowledge in the AS/400 operating system preferred.

　　Levels

　　Level I will be proactively training towards gaining sufficient knowledge in the processes and accountabilities associated with the position . May have little to no experience in the Information and Cybersecurity industries.

　　Level II will be fully proficient in all, or nearly all, processes associated with the position, and be able to operate with minimal supervision or assistance. May have several years of experience in the Information and Cybersecurity industries.

　　Level III/Lead will have a detailed understanding of job specific processes, will routinely work with highly complex or detailed problems, will proactively assist with projects and identifying process improvements.

　　Physical Demands/Conditions Requirements:

　　General office environment. Moderate lifting (to 35 lbs.) required. Moderate reaching, walking, sitting and standing required.Equipment Used:

　　General office equipment.External and internal applicants, as well as position incumbents who become disabled must be able to perform the essential functions (as listed) either unaided or with the assistance of a reasonable accommodation to be determined by management on an individual basis.

　　At Bangor Savings, we understand the importance of continuing to nurture an internal culture of excellence for each of our employees. We offer internal and external training to assist our employees in realizing their career aspirations including internships, lateral training, management training, and tuition reimbursement.

　　We also offer a unique set of benefits designed to support our employees in living their best life and achieving their goals. Our holistic health and wellness programs allows each employee to customize their approach to well-being. And our pay, rewards, recognition, and incentive programs ensure that they are well-compensated for a job well-done.

　　At Bangor Savings Bank, the work our employees do each and every day allows us to deliver on our promise to make a difference in the lives of people in New England in a way that really matters.

　　Bangor Savings Bank provides equal employment opportunities to all applicants and employees without regard to race, color, religion, gender, sexual orientation, age, national origin or any other class protected under state or federal law and affirmatively seeks to advance the principals of equal employment opportunity. In addition, the Bank is committed to providing equal employment opportunities to qualified persons with disability, veterans, and/or disabled veterans. No question on this application is intended to secure information to be used for such discrimination, this application will be given every consideration, but its receipt does not imply that the applicant will be employed. This application will remain active for a period of 90 days. If, after such time, you still wish to be considered for employment, you must reapply. Bangor Savings Bank does provide workers compensation coverage for employees injured on the job. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.