COMPANY DESCRIPTION: Forbright is a nationwide full-service bank and lender helping accelerate the transition to a sustainable and low-carbon economy. Headquartered in Chevy Chase, Maryland, Forbright is committed to accelerating the transition to a sustainable economy by financing visionary leader in clean energy, healthcare, technology, financial services, real estate, and other industries with extraordinary service.
COMPANY CULTURE: We are a dynamic, high energy, fun, and fast-paced organization that has an exciting growth trajectory, meaningful mission, and embedded responsible environmental, social, and governance (ESG) practices into our daily interactions. We offer our team members a culture of collaboration, inclusion, flexibility, recognition, and giving back. We look to hire individuals that are passionate about our mission, and who are motivated, customer and results-oriented, innovative, adaptable, and thoughtful.
COMPANY MISSION: We are a mission-driven institution. We operate a sound dynamic institution that is well capitalized, liquid, profitable and uses best practices to manage risk and assure compliance with laws and regulations. We use Forbright’s capital, capabilities, innovation, and expertise to help our clients succeed and contribute broadly to building a more sustainable future.
JOB SUMMARY: The Senior Information Security Analyst is responsible for supporting the Bank's security operations, including but not limited to threat identification, intrusion detection, digital forensics, incident response, and the design, implementation, and maintenance of enterprise-wide on-premise and cloud-based security solutions. The role provides technical analysis, assessment, and recommendations in security situational awareness, operational, network, and applications systems security monitoring, and vulnerability management.
DUTIES AND RESPONSIBILITIES:

• Design and architect secure systems, networks, and applications to protect against cyber threats
• Evaluate and recommend security technologies and tools to enhance the organization's security posture
• Implement and manage security information and event management (SIEM) systems
• Conduct penetration testing and ethical hacking to identify and remediate vulnerabilities
• Define and assess compliance security configurations for hardware, software, and cloud services
• Provide expertise in security governance and compliance frameworks, e.g., CIS Benchmarks
• Develop and maintain security documentation, including security policies and procedures
• Define, conduct, and report on internal and 3rd party Red Team, Purple Team, and Blue Team assessments and exercises
• Collaborate with the Application and Development to ensure that all custom development, both on-premises and in the cloud, meets strict security guidelines
• Define, conduct, and report on digital forensics procedures, policies, and deliverables
• Conduct regular tabletop exercises to test and improve the effectiveness of incident response plans
• Active participation in the Information and Cybersecurity, Bank Vulnerability Management, and Data Loss Prevention programs, including efforts related to vulnerability remediation planning, tracking, implementation, threat research, log analysis, end-user security education and training, and recommendations for process improvement
• Participate in change management processes when remediating threats or vulnerabilities
• Provide after-hours and weekend analysis on an as-needed basis outside of general working hours
• Other projects as assigned

SUPERVISORY RESPONSIBILITIES:

• Supervise assigned employees by organizing and monitoring work progress
• Maintain staff by recruiting, selecting, orienting, and training employees
• Manage performance of employees through development, coaching, and counseling

QUALIFICATIONS:

• Bachelor’s Degree from a 4-year accredited institution and a minimum of 4 years of related experience required; or 8 years of Information Security experience required
• 4 years of Cybersecurity Engineering or Architecting experience required
• Cybersecurity-related certifications such as Certified Information Security Professional (CISSP), GIAC Defensible Security Architecture (GDSA), GIAC Certified Incident Handler (GCIH), CERT Certified Computer Security Incident Handler (CSIH), GIAC Certified Forensic Examiner (GCFE), and Offensive Security Certified Professional (OSCP)
• Experience and solid working knowledge of cybersecurity and network analysis tools, network topologies, intrusion detection methodologies, Windows systems, and preferably Linux systems analysis for evidence of compromise
• Familiarity with the requirements of NIST SP 800-53, FFIEC Booklets, and Critical Security Controls

POSITION REQUIREMENTS: The requirements described are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable employees to perform the essential functions. Work is conducted primarily in an office; however, some positions may be conducted remotely via technology. While performing duties of this job, the employee may be regularly required for prolonged periods of time to:

• Sit or stand at a desk
• Walk, stoop down, crouch, kneel or bend over
• Use hands and fingers
• Utilize a computer monitor with visual acuity
• Operate technology and other office machinery such as printers, fax machines, scanners, etc
• Communicate clearly both verbally and in writing with others

ADDITIONAL DUTIES: For Forbright Bank to remain efficient and nimble as a growing organization, team members are expected to exhibit a high level of flexibility regarding any duties that may be situationally assigned outside of this job description.
PERKS/BENEFITS:

• Comprehensive health, dental, and vision plans
• 4 weeks PTO
• 401k company match
• Metro SmartTrip benefits ($50/mo)
• Remote or hybrid work schedules for most positions
• Bonuses for purchasing solar panels, electric vehicles, biking to work, etc
• Paid subscriptions to Veterans Compost, Imperfect Foods, and more!
• Best Workplaces for Commuters 2023 & 2024 winner
• The Washington Post Top Workplaces 2023 & 2024 winner
• American Banker Best Banks to Work For 2023 winner

It is the policy of Forbright Bank to provide equal employment opportunities to all qualified individuals and to administer all aspects and conditions of pre-employment and employment without regard to protected characteristics.