Northern Bank
The Senior Information Security Analyst plays a pivotal role in the second line of defense, providing independent review, challenge, and strategic guidance to ensure the effectiveness of the organization’s information security program. Key functions of the role include identification, assessment and mitigation of threats to the bank’s information systems and proprietary data. This role is also responsible for conducting advanced risk assessments, evaluating control frameworks, and advising security governance, architecture, and compliance. The analyst will collaborate with first line of defense to ensure alignment with regulatory expectations and industry best practices._
ESSENTIAL FUNCTIONS
Lead and execute complex risk assessments across applications, infrastructure, and business processes. Evaluate and challenge the design and effectiveness of security controls implemented by First Line teams. Monitor and report on key risk indicators (KRIs), control performance, and emerging threats. Analyze security logs, threat intelligence, and incident data to identify systemic risks and recommend mitigation strategies. Provide subject matter expertise on regulatory frameworks (e.g., NIST CSF, FFIEC, PCI DSS). Support the development and enhancement of security policies, standards, and procedures. Lead or assist in incident response activities, including triage, investigation, containment, and post-incident reviews. Participate in internal and external audits, regulatory exams, and risk committee reporting. Collaborate with IT, legal, compliance, and business units to assess security risks in new initiatives and technologies. Contribute to the development of the GRC platform and risk reporting dashboards. Mentor junior analysts and support knowledge-sharing across the security team. JOB QUALIFICATIONS
4–6 years of experience in Information Security, IT Risk, or IT Audit, preferably in a regulated industry. Bachelor’s degree in Information Security, Computer Science, or a related field; Master’s degree or certifications (e.g., CISSP, CISM, CRISC, CISA) strongly preferred. Deep understanding of risk management and control frameworks (e.g., NIST, ISO, COBIT). Experience with IAM platforms (e.g., SailPoint, Microsoft Entra ID, CyberArk) and access governance. Proficiency in cloud security, endpoint protection, and data loss prevention (DLP) technologies. Familiarity with SIEM tools, vulnerability management platforms, and incident response processes. Strong analytical, communication, and stakeholder engagement skills. Experience with GRC platforms (e.g., Archer, ServiceNow IRM) is a plus. Familiarity with AI tools and their implications for cybersecurity (e.g., threat detection, automation). Excellent analytical, communication, and documentation skills. Strong attention to detail and ability to manage multiple priorities. About Northern Bank & Trust Company
Northern Bank is a full-service bank dedicated to providing practical, common sense financial solutions to help our customers live their lives and grow their businesses. From deposit products to loans to payment and collections services, we work hands-on with our entrepreneurial customers, both locally and across the country, to provide the financial support they need to realize their personal and business goals. Founded in 1960, Northern Bank has assets of over $3 billion with 12 locations serving communities throughout Middlesex County. Northern Bank is a Member of the FDIC, and an Equal Housing Lender. For more information on online banking services, please visit www.NBTC.com or follow Northern Bank on Facebook (/NorthernBankM A/), Twitter (@northernbankma), Instagram (@northernbankma) and LinkedIn (company/northern-bank-ma/).
ESSENTIAL FUNCTIONS
Lead and execute complex risk assessments across applications, infrastructure, and business processes. Evaluate and challenge the design and effectiveness of security controls implemented by First Line teams. Monitor and report on key risk indicators (KRIs), control performance, and emerging threats. Analyze security logs, threat intelligence, and incident data to identify systemic risks and recommend mitigation strategies. Provide subject matter expertise on regulatory frameworks (e.g., NIST CSF, FFIEC, PCI DSS). Support the development and enhancement of security policies, standards, and procedures. Lead or assist in incident response activities, including triage, investigation, containment, and post-incident reviews. Participate in internal and external audits, regulatory exams, and risk committee reporting. Collaborate with IT, legal, compliance, and business units to assess security risks in new initiatives and technologies. Contribute to the development of the GRC platform and risk reporting dashboards. Mentor junior analysts and support knowledge-sharing across the security team. JOB QUALIFICATIONS
4–6 years of experience in Information Security, IT Risk, or IT Audit, preferably in a regulated industry. Bachelor’s degree in Information Security, Computer Science, or a related field; Master’s degree or certifications (e.g., CISSP, CISM, CRISC, CISA) strongly preferred. Deep understanding of risk management and control frameworks (e.g., NIST, ISO, COBIT). Experience with IAM platforms (e.g., SailPoint, Microsoft Entra ID, CyberArk) and access governance. Proficiency in cloud security, endpoint protection, and data loss prevention (DLP) technologies. Familiarity with SIEM tools, vulnerability management platforms, and incident response processes. Strong analytical, communication, and stakeholder engagement skills. Experience with GRC platforms (e.g., Archer, ServiceNow IRM) is a plus. Familiarity with AI tools and their implications for cybersecurity (e.g., threat detection, automation). Excellent analytical, communication, and documentation skills. Strong attention to detail and ability to manage multiple priorities. About Northern Bank & Trust Company
Northern Bank is a full-service bank dedicated to providing practical, common sense financial solutions to help our customers live their lives and grow their businesses. From deposit products to loans to payment and collections services, we work hands-on with our entrepreneurial customers, both locally and across the country, to provide the financial support they need to realize their personal and business goals. Founded in 1960, Northern Bank has assets of over $3 billion with 12 locations serving communities throughout Middlesex County. Northern Bank is a Member of the FDIC, and an Equal Housing Lender. For more information on online banking services, please visit www.NBTC.com or follow Northern Bank on Facebook (/NorthernBankM A/), Twitter (@northernbankma), Instagram (@northernbankma) and LinkedIn (company/northern-bank-ma/).