Information Security Analyst - Sugar Land East Lawn or Lubbock

If you are unable to complete this application due to a disability, contact this employer to ask for an accommodation or an alternative application process.

Full Time Security Analyst – LUBBOCK ANNEX, Lubbock, TX, US

External Applicants: Please apply through Prosperity Bank's Career Center at  Applying through any other source may prevent Prosperity from receiving your application.

Internal Applicants: If you are a current associate of Prosperity Bank, please apply through the internal Talent – Career Center in ADP.

Prosperity Bank is an Equal Opportunity Employer.

The Information Security Analyst serves as a member of the Security Operations Center (SOC), protecting the bank’s information infrastructure and data. Working under the guidance of senior security team members, the analyst monitors and identifies potential or active threats and conducts security investigations to contain and resolve cybersecurity incidents.

• Monitor security events and alerts across a variety of platforms (e.g., SIEM tools, intrusion detection systems).
• Identify and triage security incidents and determine scope, severity, and potential impact.
• Respond to incidents promptly, coordinating with the incident response team to contain and mitigate threats.
• Maintain consistent documentation of incidents and actions to ensure transparency and compliance.
• Produce incident‑response post‑mortem analysis reports with technical summaries of tactics, techniques, impacts, root cause, and findings.
• Provide regular updates to stakeholders on security posture, ongoing incidents, and potential exposures.
• Collect, analyze, and correlate log data to identify vulnerabilities, threats, intrusions, and incidents.
• Create threat‑detection techniques and alerting rules to enhance detective controls.
• Assess risk from technical and operational vulnerabilities using automated and manual tools.
• Collaborate with cross‑functional teams to support remediation of identified vulnerabilities.
• Stay aware of emerging threats, attack vectors, and vulnerabilities to improve detection and prevention strategies.
• Share threat intelligence relevant to the organization’s security posture with appropriate personnel.
• Maintain effective communication with internal and external stakeholders for timely incident awareness.
• Participate in security meetings and contribute to the development of incident‑response policies and best practices.
• Work outside of regular business hours when necessary.
• Other duties as assigned.

Education & Certification: Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related discipline; or equivalent combined education and relevant work experience. Advanced degrees in cybersecurity can replace work experience on a year‑for‑year basis. Professional certifications from ISC(2), ISACA, GIAC, Off Sec, or CompTIA are preferred.

Experience

Required:

Minimum of 1 year in an information security or information technology role, with responsibilities in one or more of the following domains: security and risk management, asset security, security architecture and engineering, communications and network security, identity and access management, security assessment and testing, security operations, software development security. Direct experience in security operations, cyber defense, or incident management is preferred.

Demonstrated ability to execute initiatives in complex, highly regulated environments. Banking or financial services industry experience is a plus.

Required Knowledge: General understanding of network communications, computer networking principles, network addressing, configurations, digital communication systems, client/server architecture, operating systems, encryption algorithms, authentication/authorization tools, and data encryption. Strong grasp of cybersecurity principles including data integrity, OPSEC, network security, access control, threat remediation, and threat characteristics (e.g., malware, filename extension abuse, web application risks). Knowledge of adversarial tactics, cyber‑attack…