Security Engineer

Full Time

Madison-Davis

EXTERNAL CLIENT

Description: Responsible for the day-to-day security operations. The individual will serve as a technical operations subject matter expert and will be responsible for the proper assessment of security controls, detection and investigation of potential threats, and remediation and escalation of incidents. Supports the cyber incident response team, provides guidance to technology operators, and raises security awareness among end-users.

Job Responsibilities:

  • Performs ongoing analysis of various security events, incident alerts, event notifications, health status from security tools, and additional detection and response activities.
  • Investigates security incidents and collaborates with technology and business organizations in response to detected threats. Coordinates with internal and external resources for risk mitigation and service outage resolution.
  • Develops standard operating procedures for deployed security solutions, interfacing with managed security service providers, incident responses, review and escalation processes. Commits to ongoing professional education / training / certification in the Information / Cyber Security field.
  • Communicates security warnings, ongoing awareness, and general best practices to end-users. Collaborates with Culture & Development team to create security training material. Approves and publishes Information Security related awareness items in the intranet portal.
  • Oversees all the deployed detective security controls, both internal and external managed security services throughout the Bank’s technology infrastructure. This encompasses the perimeter, network, servers, virtual computing, and end-points.
  • Develops performance metrics, trend statistical data, and customizes management reports for Risk, IT and Information Security.
  • Performs Regulatory Compliance activities, including gathering SSAE-16 SOC reports and performing cyber security related due diligence from critical vendors. Assists in social engineering campaigns and scheduled vulnerability scanning events.

Job Requirements:

  • Bachelor’s degree in an IT related discipline preferred;  
  • Performs ongoing analysis of various security events, incident alerts, event notifications, health status from security tools, and additional detection and response activities;
  • Investigates security incidents and collaborates with the CISO and business organizations in response to detected threats;
  • Coordinates with internal and external resources for risk mitigation and service outage resolution;
  • Develops standard operating procedures for deployed security solutions, interfacing with managed security service providers, incident responses, review and escalation processes;
  • Communicates security warnings, ongoing awareness, and general best practices to end-users;  
  • Develops performance metrics, trend statistical data, and customizes management reports for Risk, IT and Information Security;
  • Assists in social engineering campaigns and scheduled audit vulnerability scanning events;
  • Strong knowledge of securing network/infrastructure design and deployment;
  • Experience in conducting a daily assessment of vulnerabilities identified by infrastructure scans;
  • Evaluate, rate, and perform risk assessments on assets;
  • Prioritizing vulnerabilities discovered along with remediation timeline(s);
  • Knowledge of one or two scripting languages. Gain scripting and automation experience (Python, PHP, HTML, CSS);
  • Deep knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions;
  • Experience with packet flow, TCP/UDP traffic, firewall technologies, IDS technologies (e.g., Snort rules), proxy technologies, and antivirus, spam and spyware solutions;
  • Deep knowledge of computer networking concepts and protocols, and network security methodologies;
  • Knowledge of cybersecurity management frameworks, regulatory requirements and industry leading practices;
  • Experience in conducting technical risk assessments;  
  • Commits to ongoing professional education / training / certification in the Information / Cyber Security field.