Systems Security Engineer II or III

If you are unable to complete this application due to a disability, contact this employer to ask for an accommodation or an alternative application process. Systems Security Engineer II or III Regular Full-Time Des Moines, IA, US This position will be hired as either a Systems Security Engineer (SSE) II or III depending on experience. Systems Security Engineer II (2) Job Summary: The Systems Security Engineer II is responsible for working with cross-functional teams to ensure that controls are properly designed, implemented, configured, and performing as expected in support of the company’s security program and policies. This position is responsible for the design, implementation, configuration of Security tools and controls that enable the organization to detect and prevent computer and infrastructure security and cyber threats. The Systems Security Engineer II will act as a subject matter expert (SME) on multiple security solutions, and will provide guidance to security team members, as well as other IT teams, on the proper adoption and support of Security tools and controls. This individual will identify, assess, prioritize, and remediate processes for cyber security risks and vulnerabilities. This individual is responsible to train peers and other team members on the newly deployed products and solutions, preparing SOP (Standard Operating Procedure) documents, troubleshooting documents as part of projects. Primary Functions and/or Responsibilities: Applies knowledge of controls, threats, vulnerabilities, risk, and technical systems to assist with future-state security planning and roadmaps to harden systems and close vulnerabilities. Researches and analyzes searches and analyze business trends and behavioral data to identify opportunities for improvements and new initiatives. Develops a deep understanding of the network and security infrastructure, systems, and tools to improve security strategies relative to the vision of the business while meeting compliance obligations by evaluating cyber security threats, risk, vulnerabilities, and processes to determine relative risk to the product, system, and organization. Implements security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing documentation Investigates intrusion detections, malware, file propagation and any other form of malicious activity on the network Rolls out, maintains and improves strict security policies to reflect industry best practices and banking sector's compliance obligations Develops and maintains documentation critical to operating and executing the security program using tools such as Microsoft Visio and office Analyzes security incidents using research and forensic techniques Administers and monitors network security equipment and systems including but not limited to Data Loss Prevention (DLP), Security Incident and Event Monitoring (SIEM), anti-virus/anti-malware, application whitelisting, web and email security, Identity Access Management (IAM), Mobile Access Management, firewall, Intrusion Prevention Systems (IPS), Encryption, Virtual Private Networks (VPN), and other systems critical to the security of the corporate network Continually develops security skills and competencies. Helps transform control culture from current detective controls to preventative controls Prepares implementation, rollout and rollback plan for security tool introduction to the organization Adheres to existing disciplines in place for software/application change control processes in order to meet both regulatory and business requirements Provides superior customer service to all employees at multiple locations Meets with auditors and compliance officers as needed to represent security Collaborates with internal IT teams to coordinate projects and critical troubleshooting Works on multiple projects simultaneously and controls project deliverables and expectations. Troubleshoots documents preparation and train other team members as necessary Performs other duties as assigned Education and/or Experience: Four-year degree in Computer Science or equivalent required, or a combination of education and experience At least six years of experience in network security and/or systems management with a focus on information security required Certification in the Technology Industry related to Cybersecurity, such as, but not limited to, Security+, CEH, GSEC, OSCP and CISSP, preferred Specific Skills, Knowledge & Abilities: Computer, peripherals, software, hardware including Windows, Linux/Unix SIEM, SCCM, DLP, AV/AS, IPS/IDS, Firewall, Application Whitelisting, Basic Penetration Testing, Web and Email Filter, Encryption, Password Management, Identity Access Management, Mobile Access Management Systems Security Engineer III (3) Job Summary: The Systems Security Engineer III is responsible for establishing an enterprise security stance through policy, architecture, and training processes. This includes the evaluation and recommendation of appropriate security solutions and oversight of any vulnerability audits and assessments. This position develops and recommends IT security policies and interface Technology Manager of Infrastructure and peers to ensure proper implementation of appropriate policies. The position also researches network security events and implements changes to improve security and will also respond to regulators' and auditors’ requests. The Systems Security Engineer III works to assess network risk and cyber security vulnerability and recommends appropriate actions to protect the environment from risk. Primary Functions and/or Responsibilities: Mentors and develops security engineers responsible for delivering and supporting the technology infrastructure, toolsets/solutions, and critical systems. Provides technical expertise and provides training to other Technology department personnel on existing threats and vulnerabilities Possesses a thorough understanding of all aspects of computer, network, and physical security with the ability to architect, design, implement, support, and evaluate network + cyber security tools and services Administers and monitors network security equipment and systems including Data Loss Prevention (DLP), collaborate with SEIM/SOC provider, Endpoint Detection and Response (antivirus/anti-malware), application whitelisting, web and email security), Mobile Access Management, firewall, Intrusion Protection Systems (IPS), Encryption, Virtual Private Networks (VPN), Multi-Factor Authentication (MFA), and other systems critical to the security of the corporate network Assesses network risk and cyber security vulnerabilities using penetration testing tools for information gathering (vulnerability scanners, NMAP), analyzing and exploitation Ensures the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise workstations, servers, and other systems and in databases Monitors industry trends, analysis, threat reports, and vulnerabilities, and ensures mitigation of known and anticipated threats. Analyzes security incidents using research and forensic techniques Partners with IT Compliance Administrator to respond to auditing body information requests, communicate IT security policies and procedures, and implement approved recommended changes Maintains up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors. Reviews and maintains the enterprise’s security documents (policies, standards, baselines, guidelines, and procedures) and the security awareness training program Periodically tests and updates systems to ensure they are operating effectively Adheres to existing disciplines in place for software/application change control processes to meet both regulatory and business requirements Works on multiple projects simultaneously and control project deliverables and expectations Performs other duties as assigned Education and/or Experience Four-year degree in Computer Science or equivalent required, or a combination of education and experience At least 8 years of experience in network security and/or systems management with a focus on information security required Certification in the Technology Industry related to Cybersecurity, such as, but not limited to, Security+, CEH, GSEC, OSCP and CISSP, preferred Specific Skills, Knowledge & Abilities: Results oriented, high energy, and self-motivated Prior/Current experience with Banking or Financial Institutions helpful Knowledge of Banking/Financial Institution regulatory requirements helpful Experience with the following toolsets preferred: Carbon Black, Cylance +Optics, Cisco ISE and Umbrella, Meraki, Palo Alto Panorama and firewall o/s, Proofpoint email security and ObservIT, Digital Persona HID multi-factor authentication, F5, Varonis Hiring Salary Range The hiring range below reflects targeted base salary. Actual compensation will be determined based on the candidate’s prior related experience & education and will be finalized at the time of offer. In addition to base salary, most positions are also eligible to participate in our annual bonus program. Select positions may also be eligible to earn incentives and/or commissions. SSE III Hiring Base Salary Range: $102,500 - $121,500 plus annual bonus, SSE II Hiring Base Salary Range: $88,000 - $104,500 plus annual bonus. Group Health, Dental, and Vision Insurance Generous Paid Time Off (PTO) 401(k) plan with lucrative company match Tuition assistance Company Paid Life Insurance Lifestyle Accounts that provide employees with reimbursement for the things that are most important to them such as childcare, student loan payments, gym memberships, pet insurance and much more. Team Member Banking - a suite of products and services with special benefits for employees Hybrid Eligibility: Position may be eligible for a hybrid work schedule (requiring some days in the office each week).

EQUAL OPPORTUNITY EMPLOYER

PROTECTED VETERANS AND INDIVIDUAL WITH DISABILITY

#J-18808-Ljbffr Bankers Trust