Middlesex Savings Bank Senior Risk Analyst in Westborough, Massachusetts

Reporting to the Information Security Officer, the Senior Risk Analyst is responsible for assisting the Information Security Officer with maintaining and continually enhancing the Bank’s information security and vendor management programs. In particular, responsibilities include assisting with the development, coordination, implementation and governance of enterprise-wide policy and controls.

Assist with ensuring the Bank’s information security program remains in compliance with applicable standards and regulations, including evolving data privacy regulations.

Assist with enhancement of control testing processes to ensure information security, risk, and vendor management policies are adhered to.

Assist with compliance with cyber security functions including reporting on gaps, variances, and the assessment and disposition of cyber risk. Assist with completion and maintenance of the Bank’s FFIEC Cybersecurity Assessment.

Perform assessments of the current information security and vendor management framework and assist Information Security Officer with development of guidance that addresses gaps.

Assist with adherence to vendor management, risk, and information security policies, standards, and procedures. Assist with socialization of policy & control recommendations to stakeholders across the enterprise in order to gain acceptance.

Help support the completion of risk assessments of business processes and products to ensure that they align with Bank policies and objectives.

Participate in information security, vendor management, and risk related projects and initiatives.

Assist with the collection and review of vendor due diligence materials in line with GLBA and TSP regulatory guidance.

Assist with the resolution of internal audit and examination findings related to risk, information security, and vendor management.

Effectively utilize the Bank’s Enterprise Risk Management Software System.

Ensures full compliance with the Bank’s Information Systems Policies and Procedures.

Performs related and unrelated duties as may be required.

  • Bachelor’s degree.

  • 2 - 4 years of experience in Bank-specific information security, risk, and/or audit areas.

  • Ability to develop and maintain knowledge of applicable laws, regulations, and standards relating to information security and data privacy.

  • Knowledge of bank operations and bank technology applications.

  • Effective communicator, relationship builder, and advocate for sound risk mitigation practices.

  • Privacy and GLBA experience a plus.

  • Strong organizational skills.

Middlesex Savings Bank is an EO/AA Employer: Min/Fem/Vet/Disabled

Search Firm Representatives, Please Read Carefully: Middlesex Savings Bank does not accept unsolicited resumes from search firms for this or any employment opportunity.

Req #: 3782

Standard Working Hours: Monday - Friday 8:00am to 5:00pm

External Company URL: www.middlesexbank.com

Street: 120 Flanders Road