Information Security Analyst in Mineola, New York at Hanover Community Bank

Location: Mineola, NY

About Us:

Hanover Bank– When you love your work and the people you work with, careers are made!

Embracing diversity, valuing inclusion and showing respect are the foundation upon which we build our team. At Hanover Bank, inclusion means respecting personal beliefs and appreciating that we all have perspectives that matter. We are stronger together as we move toward a shared vision of personal and corporate growth.

Whether you are just starting out or a seasoned professional, working for Hanover Bank can launch you on a path to success. With a passion for excellence, we strive to deliver exceptional service to our clients, foster a positive impact in the communities in which we work and live and help our team members achieve their professional goals.

When you work with us you are empowered, engaged and encouraged to collaborate because every voice matters, every person counts!

Job Summary

Hanover Bank is looking for a full-time Information Security Analyst to support and enhance the Bank’s Information Security Program. Reporting to the Information Security Manager (ISM), this role assists with the planning, implementation, and maintenance of security controls designed to protect the confidentiality, integrity, and availability of the Bank’s information assets.

The Information Security Analyst works closely with the ISM, Information Technology, business units, and third-party service providers to ensure security policies, procedures, and controls align with federal and New York State regulatory requirements. Responsibilities include conducting risk assessments, supporting vendor security oversight, incident response, and business continuity activities, enhancing security awareness, consulting on projects and vendors, and supporting compliance and audit efforts.

Essential Job Duties and Responsibilities

• Support the development and maintenance of the Information Security Program in accordance with GLBA, FDICIA, Sarbanes-Oxley, FFIEC, FACTA, and NYDFS Cybersecurity Requirements (23 NYCRR 500).
• Develop and maintain information security risk assessments to evaluate inherent risk, controls, and residual risk.
• Support third-party and vendor information security risk management activities, including due diligence, ongoing monitoring, and periodic risk assessments.
• Review vendor security documentation (e.g., SOC reports, cybersecurity questionnaires, policies, penetration test summaries) and identify security risks or control gaps.
• Assist in ensuring vendors comply with the Bank’s information security requirements, contractual security obligations, and regulatory expectations.
• Support the development and maintenance of vendor security procedures, standards, and documentation.
• Assist in tracking vendor risk issues, remediation efforts, and risk acceptance decisions.
• Assist in the selection, implementation, and maintenance of security tools used to monitor, detect, and alert on vulnerabilities and security events.
• Support incident detection, alerting, escalation, response, and reporting in accordance with established policies and procedures, including incidents involving third-party vendors.
• Work closely with Information Technology to review security controls and support the remediation of security-related issues.
• Assist in ensuring security requirements are considered during project planning, system changes, and vendor onboarding activities.
• Produce security reports, including key risk indicators (KRIs), key performance indicators (KPIs), and trend analysis.
• Support access control processes to ensure appropriate access to systems and data based on role and risk.
• Research emerging threats, vulnerabilities, and cybersecurity trends and recommend improvements to enhance the Bank’s security posture.
• Collaborate with business units to support proper data classification practices.
• Support the maintenance, testing, and improvement of the Bank’s business continuity and disaster recovery program, including business impact analysis (BIA).
• Assist in the review of Information Technology changes to ensure alignment with security best practices.
• Support employee security awareness and training initiatives, including phishing simulations and educational materials.
• Assist with regulatory compliance monitoring and respond to audit and examination requests as required, including requests related to vendor oversight.
• Perform other duties as assigned.

Education and Experience

• Bachelor’s degree in computer science or a related field, or equivalent experience and/or certifications.
• Professional security certification (e.g., CISSP, CRISC) preferred or equivalent experience.
• 1–3 years of experience implementing, managing, or supporting information security, risk management, and/or third-party vendor risk management activities.

Skills and Abilities

• Strong analytical, problem-solving, and attention-to-detail skills.
• Ability to communicate technical concepts clearly to both technical and non-technical audiences.
• Working knowledge of network, cloud, endpoint, and application security, as well as SIEM and SOC technologies.
• Familiarity with vendor and third-party risk management concepts, including due diligence, ongoing monitoring, security assessments, and control reviews.
• Knowledge of business continuity planning and disaster recovery concepts.
• Ability to support vendor and system cybersecurity risk assessments, including documentation review and issue tracking.
• Ability to support and deliver information security awareness and training programs.
• Ability to manage priorities and execute tasks within established timeframes.
• Adaptability in a fast-changing technology and threat landscape.

Our Benefits:

Health & Wellness Benefits

· Medical, Dental, and Vision insurance (with HSA, FSA, and Commuter Benefits options)

· Company-paid Life Insurance and Accidental Death & Dismemberment (AD&D)

· Company-paid Long-Term Disability Insurance

Voluntary Benefits

· Additional Life and AD&D Insurance for employee, spouse, and dependents

· Voluntary Short-Term Disability Insurance

· Pet Insurance

· Legal Services Plan

· Accident Insurance

· Hospital Indemnity Insurance

· Cancer Care Insurance

Retirement

· 401(k) Plan with Company Match

Time Off & Recognition

· Paid Personal Time Off (PTO)

· Paid Company Holidays

· Annual Performance Bonuses

· Annual Salary Increases

Employee Engagement

· Company-sponsored Events

· Employee Contests and Recognition Programs

Hourly Rate: $28.00 -$32.00; placement within this range will vary based on experience and skill level.

Hanover Bank is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.