Senior Information Security Analyst

ABOUT US

Here at MVB, our company culture defines the environment in which Team Members thrive. Our culture impacts a wide range of elements, including our purpose, values, expectations and goals that support growth and engagement – it is the secret sauce of our organization!

Our values live at the core of all that we do – Trust, Commitment, Teamwork, Adaptive, Respect, Love and Caring are our foundation for success.

MVB Financial Corp. (“MVB Financial” or “MVB”), the innovative financial holding company of MVB Bank, Inc., is publicly traded on The Nasdaq Capital Market® under the ticker “MVBF.” Through its subsidiary, MVB Bank, Inc., (“MVB Bank”) and the bank’s subsidiaries, MVB provides services to individuals and corporate clients in the Mid-Atlantic region, as well as to Fintech, Payment and Gaming clients throughout the United States. For more information about MVB, please visit www.mvbbanking.com.

This role can be based remotely.

Candidates must reside in one of the following states: West Virginia, Virginia, Texas, Florida, Ohio, Pennsylvania, Maryland, Washington D.C., New York, New Jersey, Arizona, North Carolina, Georgia, or South Dakota. 

ABOUT THE ROLE

The Sr. Information Security Analyst will lead projects and activities that support the corporate enterprise information security strategy for MVB. In addition, this role will be responsible for coordinating all phases of the security technology lifecycle including technical requirements, architecture, design, and oversight.  The Sr. Information Security Analyst possesses an in-depth understanding of current and emerging threats and technology to drive improvement in all technical areas of security including network, data, application, cloud, IAM, mobile, endpoint, and Artificial Intelligence (AI). 

WHAT YOU’LL DO

• Develop and implement security policies, protocols, and procedures.

• Participate in the identification, response, investigation, and remediation of potential breaches of and issues surrounding information security ensuring remediation efforts are completed and recording of the event. 

• Conduct security assessments, identify gaps, and recommend changes or improvements based on security and compliance requirements, industry best practices, and customer commitments.
• Identify, evaluate, and report on information security risks in a manner that meets compliance and regulatory requirements using frameworks such as (i.e.: Personally Identifiable Information (PII), NIST, Payment Card Industry (PCI), Data Privacy, etc.).
• Work collaboratively with the IT Ops, Enterprise Data & AI Automation, and other teams as a SME for compliance, configuration setting, best practices, and information security matters as needed.
• Assist with GRC related activities including control evaluations for GLBA and annual cybersecurity maturity assessments.
• Responsible for supporting training programs for user awareness and compliance monitoring, which includes publications for awareness, phishing campaign simulations, and other training.
• Oversee and monitor vulnerability management program by ensuring all critical vulnerabilities are escalated within defined SLAs, tracking remediation progress weekly, and delivering metrics reports to management.
• Facilitate internal and external penetration testing, risk assessments and audit participation, where applicable. Prepare management response plans for remediation actions and tracking to closure.

• Performing tasks related to special projects as assigned.

EDUCATION & WORK EXPERIENCE

• Degree in business administration or a technology-related field, or equivalent work or education related experience.
• 5 years of experience in technical information security role, risk management and audit functions.
• Experience with writing technical documentation and knowledge of Cloud and Security concepts.
• Prior experience working with Public Cloud Service Providers such as (AWS, Google, Azure), is desired.
• Knowledge and understanding of relevant legal and regulatory requirements such as Personally Identifiable Information (PII) Protection and Payment Card Industry (PCI)/Data Security Standards or SOC.
• Demonstrated ability to work on cross-functional projects and audit remediation efforts to closure.
• Must have experience interacting with process owners, reviewing test outcomes, and documenting large control sets, providing evidence for inquiries from external regulators or auditors, and assessing security/compliance risk. 
• Working towards or have at least one professional security management certification such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials, is desired.
• Knowledge of common information technology management frameworks such as NIST CSF, ITIL, COBIT, and/or FFIEC Guidance.
• Experience with security tools usage such as Tenable, DLP, Qualys, LogRhythm, Phishing analysis, Arctic Wolf, etc. are preferred.
• Ability to review and make configuration changes to improve the over security of the environment.
• Ability to produce presentations, metrics or graphs to report on key performance metrics.
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.

BENEFITS AT MVB

MVB Financial Corp., (“MVB”) offers an excellent selection of benefits for regular, part-time and full-time Team Members, including:

• Medical, Dental and Vision Insurance
• Health Savings Account (HSA), Health Reimbursement Account (HRA) & Flexible Spending Accounts (FSA)
• Short- and Long-Term Disability Plan
• Group Life Insurance
• 401K Salary Deferral Plan
• Wellness Program
• Education & Tuition Expense Reimbursement
• PTO and Unique Vacation Purchase Program
• Nationwide Pet Insurance Coverage

#LI-Remote

We encourage you to submit an application even if you haven’t performed every job duty listed above, as your skills may be transferrable. MVB is looking for ambitious individuals with related knowledge, understanding and abilities who are willing to learn and grow. What we care about most is allowing you to develop and, in return, you help us become a stronger, more diverse and well-rounded organization.