The Cloud/Network Information Security Engineer is part of the Information Security team and is responsible for support of the following areas: Information Security Configuration Management, Network/Cloud/Application Security, and Information Security Architecture & Consulting. This is a hands-on position that works closely with the Information Security team on continuous assessment and strengthening of the Bank s information security posture, maturity level and risk assessments. Acts as a liaison to IT teams regarding information security networks, applications, and cloud configuration for posture assessment and verification. Prepares analyses, metrics, Key Performances Indicators (KPIs) and evaluations to ensure compliance with bank policies, standards, and security regulations.Essential FunctionsInformation Security Configuration Management:
Systems/Network/Application/ Cloud Security
- Maintenance and enhancement of the security posture of the Bank s network, applications, and cloud environment.
- Implements secure baseline configurations, incorporating secure configuration settings for Information Security and IT products and services.
- Monitors and maintains information security tools and solutions for effective operation, peak performance and orchestration of the posture.
- Ensures information security standards, procedures and guidelines in compliance with bank regulations (e.g. FFIEC, NIST, PCI, etc.).
- Assists the Information Security Office with various activities associated with the banks Operational Risk Management Program.
Information Security Architecture & Consulting:
- Identifies opportunities to improve network, application, and cloud security through the implementation of secure frameworks and establishment of standards, procedures, and guidelines.
- Works closely with IT teams to analyze the current network, applications, and cloud security posture to detect critical deficiencies and recommend solution for improvements.
- Assists in supporting all reporting, metrics, and Key Risk Indicators (KRIs) requirements for security applications, tools, and services.
- Support implementation of static and dynamic application security testing.
- Documents necessary network, application, and cloud security design including project postmortem documentation and metrics collection and reporting.
- Works with IT teams and project managers to resolve security related issues with network, applications, and cloud during implementation and ongoing.
- Performs analysis of information security architecture needs and contributes to design, integration, and tune-up of required hardware and software.
- Identifies and defines initial information security design and architecture requirements, and ensures implementation and verification throughout the life cycle of network, applications and cloud projects and services.
- Provides consulting services across the organization and assists in defining information security network, applications, and cloud requirements.
- Develops training material that covers organizational policies, procedures, tools, artifacts, and monitoring requirements.
- Document information security processes and procedure as needed.
- Follow established change management procedures.
- Participates in incident response and vulnerability remediation efforts.
- Participates in on-call rotational duties with other team members.
- Regular, reliable attendance is required.
- Other duties and responsibilities as assigned.
- Bachelor s degree in Computer Science, MIS or related technical field or equivalent related work experience.
- 3 - 5 years' experience in configuration of secure networks, applications, and cloud.
- Experience with network, application, and cloud hardening and compliance (FFIEC, NIST and PCI).
- Network, application, and cloud security certification preferred (CCNP, CCSP, MCSE: Cloud Platform and Infrastructure).
- Experience with Common Secure Configurations (i.e. CIS, NIST) and other industry security checklists / benchmarks
- Experience in assessing the risk of a proposed solution, escalating appropriately and driving to closure.
- Technical knowledge of cloud engineering, networking and software architectures.
- Demonstrated proficiency with various security applications and investigation / forensic tools.
- Extensive knowledge of networking protocols and security implications.
- Excellent interpersonal communication skills; ability to collaborate with and work effectively with diverse groups of people.
- Exhibits the ability to explain complex technical security issues in layman s terms to peers and management.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)