Sr. Analyst, Information Security; hybrid onsite, Omaha NE

At FNBO, our employees are the heart of our story—and we’re committed to their success! Please see below the details of this career opportunity and how it fits into our organization’s success.

We are seeking a Senior Analyst to join our Information Security Assessment team. In this role, you’ll lead offensive security testing across applications, APIs, and enterprise systems while partnering closely with technology and business teams to improve defenses. This position requires deep technical expertise in penetration testing and vulnerability management, combined with strong communication skills to translate findings into actionable security improvements.

You’ll serve as a subject matter expert for penetration testing and secure design, advising project teams, system owners, and business leaders on how to mitigate risk and meet compliance requirements.

• Lead and execute penetration testing of APIs, web applications, and internal/external systems.
• Coordinate penetration testing activities with application/system owners and guide issue resolution.
• Act as a subject matter expert on offensive security and secure design for enterprise projects.
• Contribute to operating system hardening standards and secure configuration guidelines.
• Manage vulnerability management activities and ensure remediation efforts are effective.
• Evaluate and advise on new technologies for secure enterprise adoption.
• Provide consulting and training to business and technical teams on reducing security risks.
• Partner with regulators and internal auditors on compliance reporting and assessments.
• Monitor and scan systems for compliance with security standards, remediating gaps as needed.
• Recommend process improvements to strengthen the enterprise security posture.

• Work in a highly visible, impact-driven security role.
• Collaborate with senior leaders to shape enterprise security strategy.
• Stay ahead of the curve with access to new technologies and professional development opportunities.
• Be part of a team that values innovation, collaboration, and continuous learning.

This position will support our broker‑dealer and therefore will be subject to certain supervisory requirements. The scope of supervision may include but is not necessarily limited to monitoring of electronic communications, monitoring of personal securities transactions, and annual training. Qualifications requirements include employment verification and meeting applicable financial responsibility and criminal background standards.

• 5+ years of relevant experience in information security, with at least 2 years of hands‑on penetration testing.
• Expertise across multiple security domains, including penetration testing, vulnerability assessment, risk assessment, and secure architecture.
• Strong knowledge of application security principles, including secure SDLC and threat modeling.
• Practical experience with tools such as Burp Suite, Metasploit, Nmap, Nessus, or similar.
• Familiarity with regulatory and industry frameworks (ISO 27001, PCI‑DSS, FFIEC, OCC, etc.).
• Excellent communication and documentation skills — able to present complex findings to both technical and non‑technical audiences.
• Ability to mentor junior team members and influence cross‑functional teams.
• Bachelor’s degree in Computer Science, Information Systems, Engineering, or related field (or equivalent experience).
• Professional certifications strongly preferred: OSCP, GPEN, GXPN, CISSP, or similar.

Candidates must possess unrestricted work authorization and not require future sponsorship.

Compensation range (base pay): $89,828.00–$

Final compensation offer to candidate may vary from posted hiring range based upon work experience, education, and/or skill level.

It is anticipated that the incumbent in this role will work in a hybrid capacity, balancing in‑person collaboration three (3) days a week with remote flexibility two (2) days a week. As part of our team, you'll experience the energy and relationship‑building of face‑to‑face collaboration while still enjoying the flexibility of remote…