Information Security Analyst II
General Summary: Information Security Analyst who thrives in a fast-paced operations environment and is passionate about building efficient, scalable security processes. This role centers on daily security monitoring, incident triage, and continuous improvement with a strong focus on automating and streamlining workflows. The ideal candidate is an independent thinker who can proactively identify risks, make sound judgments with incomplete information, and adapt quickly to emerging technologies, tools, and threats.
Principal Duties and Responsibilities:
- Perform daily monitoring and triage:
  - Monitor SIEM, IDS, cloud security tools, identity/access logs, file integrity, and email security to detect suspicious activity.
  - Perform initial triage, escalation, and documentation of alerts and events.
  - Analyze alerts to recommend tuning, correlation rules and improvements.
  - Build automation to eliminate manual steps and reduce false positives.
- Facilitates and/or executes vulnerability and compliance scans/reviews for new hardware on an as-needed basis to ensure alignment with organizational security standards, requirements and benchmarks.
- Assists in maintaining the configuration and policies of security tools used in daily monitoring and vulnerability management processes.
- Works with staff to understand their respective security needs and assists in implementing practices and procedures based on the Bank's Information Security Policy, including identifying sensitive data, recommending appropriate safeguards, and utilizing data loss prevention solutions.
- Monitors threat developments and maintains awareness on emerging practices in the cybersecurity field, security tools, best practices, and regulations related to information security.
- Develops, contributes to and/or maintains department procedures.
- Manage and/or participate in information security related projects.
- Performs other duties as requested by management.
Minimum Knowledge, Skills and Abilities Required:
- Bachelor's degree in Computer Science, Cybersecurity or Information Technology preferred, or equivalent work experience in a security or technical environment.
- Five years' experience in the field of information security.
- Strong working knowledge of security frameworks (e.g. NIST Cybersecurity Framework 2.0, CIS Critical Security Controls, CIS Benchmarks), and other security standards and methodologies (NIST, CIS, ITIL, SOX or ISO27002).
- Demonstrated working experience with security tools used for vulnerability assessment, endpoint protection, event monitoring and correlation.
- Demonstrated working experience in the areas of vulnerability assessment, security monitoring, access management, and Azure cloud security.
- Working knowledge of Microsoft and Windows environments and platforms including Azure, Active Directory, Windows Desktop OS, Windows Server OS, SQL Server, SharePoint, Exchange (emphasis on security infrastructure).
- Experience with three or more of the following: Cloud Security, Identity and Access Management, Threat and Vulnerability Management, Antivirus/Malware prevention, Data Loss Prevention, IT Architecture, Penetration Testing, Intrusion Detection/Prevention, Security Monitoring, SQL Database Security, Policy and Procedure, Active Directory, cryptography, Incident Response, Application Security Assessments, Security Awareness, or Related Information Security subject areas.
- Excellent written and oral communication skills.
- Analytical skills and attention to detail to provide quick and effective response to situations that compromise information system security.
- Security certification(s) is beneficial: CISSP, SSCP, Security+, GSEC, MCSE.
- Demonstrates interest in working with a variety of backgrounds and perspectives that align with the Bank's core value. Promotes an environment of empathy and respect to ensure the inclusion of all team members.
Working Conditions: Requires daily interaction with PCs and terminals for the majority of duties. Normal business office environment with little physical discomfort due to temperature, dust, or noise. Must be able to quickly respond to problems affecting system security, occasionally requiring work outside the Bank's normal business hours (i.e. weekends, evenings or early mornings).