Description of Position:
The future of banking is here! We’re building the next generation of banking technology and actively transforming the way we operate. In turn, our Information Security department is hiring folks at all levels, from Analyst to Manager.
Enterprise Information Security (EIS) is integrated with our technology division (860+ people) and is responsible for enabling secure innovation and business growth for over 13,000 employees spanning the country. EIS is a hard-working dedicated team with Executive and Board-level support to drive secure, highly-visible, and emergent enterprise-wide initiatives. We’re focused on creating business value and are seeking like-minded professionals to join our team!
Tasks and Responsibilities:
The Enterprise Cybersecurity Architecture and Engineering team (ECA for short) is responsible for creating effective and efficient controls and control patterns, improving existing controls, and creating security policies and standards to enable the corporation to conduct business at an appropriate level of risk. The team partners with Information Technology to establish controls for new technologies as well as for new and existing business systems and relationships. In addition to these duties, this new position will be supporting our WAF deployments to defend both on-prem and cloud-based resources.
What we expect:
You should have experience working within a dynamic, large business environment protecting diverse systems through WAF configurations, designing security controls, and documenting security standards and policies. You should also be effective in establishing and managing constructive, positive relationships and in communicating in both verbal and written form. A high degree of self-motivation and problem solving with the ability to manage multiple initiatives in parallel is essential. As part of ECA, your primary responsibilities are:
Required skills, abilities, and certifications
- Maintain and deploy WAF and AWAF infrastructure through on premise and cloud based WAF implementations.
- Create secure architectural designs with documented and measurable controls.
- Develop technical solutions and identify industry best practice or innovative implementations to mitigate security vulnerabilities.
- Automate repeatable tasks through workflow and development methods.
- Document controls and processes.
- Partner with teammates and other security teams to research, assess, and recommend improvements to control environments.
- Assist to develop Information Security Standards.
- Research technologies and solutions to securely deploy technologies to meet the needs of the organization.
- Solve complex problems with many variables.
- Provide high-level support and technical expertise in software technology to others within Information Security, including software development, secure coding, network architecture, authentication practices, and security administration.
- Periodically participate in incident response teams to assist in analyzing, containing, and coordinating technical elements of response.
- Occasional after-hours responsibilities.
Let’s talk about you:
- Three or more years in WAF assessment, deployment, maintenance, and migration.
- Five or more years in combined information technology / information security experience.
- Experience scripting and/or programming (shell, ruby, python, perl, java, c, etc.).
- Experience with enterprise full packet capture solutions.
- Technical experience in security control design and engineering across multiple technologies such as network design, network engineering, firewalls, web proxies, access control, IDS/IPS, DRM, middleware, endpoint security, VPNs, SIEM tools, NetFlow Tools, and DLP controls.
- Windows and UNIX operating system knowledge including network connectivity, security, and use of system tools and utilities.
- Strong analytical, interpersonal, and communication skills.
- Strong curiosity, initiative, willingness to experiment, and persistence in providing solutions to tough technical challenges.
- A Bachelor’s Degree in a technical field such as computer science or information technology or equivalent work experience.
- Experience in securing cloud infrastructure.
- Information security experience in the financial services industry is a plus.
- lead by example?
- have experience inspiring and maximizing others’ efforts?
- leverage your own technical expertise to inform and guide others?
- enjoy collaborating with and influencing others to achieve the right outcomes?
- get excited to work on implementing leading-edge solutions against enterprise challenges?
- demonstrate persistence in reaching goals in the face of adversity?
- function as team player who isn’t afraid to challenge the status quo?
- want to work on a team where your input matters?
- think in terms of confidentiality, integrity, and availability?
- excel in learning things quickly and thoroughly?
- transform ambiguity into focused, productive, impactful outcomes?
- love to get things done, the right way, the first time?
If you think systematically, achieve purposefully, speak diplomatically, and act with integrity, Our Enterprise Information Security (EIS) Team can’t wait to hear from you!