At OceanFirst Bank, each one of our employees plays an important role in delivering value to our customers and executing daily tasks in accordance with our core values. We recognize that our employees are essential to our success, making OceanFirst a great place to work and do business.
Great benefits include: on-site fitness facility at Red Bank and Toms River headquarter offices, employee perks & discount programs, tuition assistance, incentive compensation program, professional development opportunities, and more! Apply today to #BecomeOceanFirst and make an impact in the local community!
PRIMARY PURPOSE:
In conjunction with the Information Security Operations Manager, develop, implement, and manage an enterprise wide information security framework to establish IT systems defenses against security vulnerability/ breaches.
Assist in the creation and maintenance of information security procedures designed for business and technology
units to establish and maintain a compliant, risk-focused information security platform. Partner with business and
functional units to create and maintain the bank's Business Continuity, Disaster Recovery Plans, and Incident
Response Plan. Implement appropriate monitoring and testing to ensure adherence to the bank's information
security protocols across the organization.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
Utilize an expertise in security solutions such as SIEM, SOAR, IPS/IDS, Endpoint Security, Network Security,
Database Security, Firewalls, Cloud Proxy, Network Access Control and Network Segmentation to identify security
risks.
on or transmitted to/from/through enterprise workstations, servers and other systems and in databases and other
data repositories.
with IT partners in accordance with standard best operating practices and the enterprise's documented information
security procedures.
organization's information security and compliance with all applicable banking regulations.
risks for recurrence of security and continuity incidents and/or data breaches.
security risks and develop mitigating controls where appropriate.
goals, solicit feedback and foster co-operation.
Support the information security activities of the bank's external network sources.
Maintain current knowledge and understanding of the IT security industry including awareness of new or revised
security solutions, improved security processes and the development of new attacks and threat vectors. Understand
the IT threat landscape for banking and financial services industry.
compliance with enterprise security requirements.
Active participant in Incident Response Plan tabletop exercises.
Create/Maintain vulnerability scans and then analyze data and integrate into reporting and dashboard creation.
Update security software tools to maintain current versions.
Review and recommend security policies, controls and cyber incident response planning.
Contribute to automation workflows and integration of Artificial Intelligence (AI) and agentic capabilities to increase
efficiencies and coverage while reducing detection and remediation timelines
Approve and oversee identity and access management (IAM) policies and system access control.
Ensure continued compliance with laws and applicable regulations.
Schedule and participate in periodic security assessments.
Choose and recommend security products as necessary.
Coordinate electronic discovery and digital forensic investigations.
Ensure an inventory of technology assets, classified by sensitivity and criticality is properly maintained.
Review relevant logs for security events
JOB SPECIFICATIONS:
Knowledge, Skills & Abilities
include Next Generation Extended Detection and Response (XDR), Security information and event management
(SIEM), Security Orchestration, Automation, and Response (SOAR), Firewalls, Intrusion Detection
Systems/Intrusion Prevention Systems (IDS/IPS), security testing tactics techniques and procedures.
management, vulnerability intelligence, patch management)
Insider Threat Matrix, NIST CSF, etc.
GIAC Security Essentials, CISSP: Certified Information Systems Security Professional, CISM: Certified Information
Security Manager, strongly desired.
business challenges and develop alternatives to mitigate.
complexities on business financials and performance.