Senior Security Engineer

  • Full-Time
  • Cedar Rapids, IA
  • QCR Holdings, Inc.
  • Posted 3 years ago – Accepting applications
Job Description

JOB DEFINITION SUMMARY

The Senior Security Engineer is responsible for designing, implementing, and continually improving the security solutions identified in the organization’s security program to ensure that all information assets and associated technology, applications, systems, infrastructure and processes are adequately protected in the digital ecosystem in which the organization operates. The Senior Security Engineer will be responsible for day-to-day security operations including supporting and maintaining a wide range of information security products that monitor and provide compliance across the digital assets owned, controlled and/or processed by the organization. The Senior Security Engineer will take direction from the Chief Information Security Officer and will work jointly with other Security Analysts & Engineers along with other operational teams and Enterprise Architects to coordinate, facilitate and effectively implement the compliance of the organization’s security policies and procedures.

The Senior Security Engineer must be knowledgeable with the operation, maintenance and functionality of firewalls and endpoint security systems. The ideal candidate is dedicated and passionate about cyber security technologies and is constantly learning and evolving to have awareness of current hacking techniques and cybercrime and keeps pace with the industry’s latest trends to address these threats. This position requires a demonstrated track record of competency in cyber security design, engineering and operations with five to seven years of relevant experience preferably in a financial services, insurance, healthcare or a highly regulated environment.

ESSENTIAL DUTIES

· Develop and engineer secure, trusted systems to ensure appropriate confidentiality, integrity, availability, safety, privacy and recovery of digital assets owned, controlled and/or processed by the organization including custom or third-party solutions evaluation, selection, and implementation.

· Develop and support secure network solutions to protect against advanced persistent threats.

· Plan, implement, manage, monitor and upgrade security measures to protect QCRH data, systems and networks

· Perform and/or coordinate/manage third-party assessments and penetration testing to measure the effectiveness of the organization’s cyber security program.

· Manage security technology and audit/intrusion systems that consist of Cisco, Microsoft and other security solutions related to VPNs, Data Loss Prevention, IDS/IPS, Web-Proxy, Security Audits and more.

· Responsible for assigned administrative tasks, reporting and communication with the relevant departments in the organization.

· Troubleshoot and remediate issues associated with the organization’s security and network, including handling any system breaches.

· Participate in the change management process to forecast the effects of change through potential scenarios and the security consequences on information resource changes.

· Test networks and systems to identify potential vulnerabilities that could be leveraged by a threat source, and address identified issues accordingly.

· Identify and respond to threats including the characterization and attribution of threats, creation and sharing of situational awareness, and the development of mitigation strategies.

· Work with vendor management and risk to ensure that information security requirements are included in new or renewed contracts to manage third-party risk.

· Understand and interact with key stakeholders to ensure the consistent application of policies and standards across all technology projects, systems and services – including privacy, risk, audit and compliance and business continuity management

· Provide clear risk mitigating directives for projects with digital technology components including the application of controls.

· Create and manage a unified and flexible control framework to integrate and normalize the wide variety and ever-changing requirements resulting from global laws, standards and regulations.

· Develop and maintain a document framework of continuously up-to-date information security policies, standards and guidelines. Oversee the approval and publication of the information security policies and processes.

· Create and maintain a framework for roles and responsibilities regarding information and master data ownership, classification, accountability and protection of digital assets.

· Build and nurture external networks consisting of industry and peers, partners, vendors and other relevant parties to stay up-to-date on best practices to address common trends, findings, incidents, and cybersecurity risks.

· Partner with the enterprise architecture team to develop security architecture standards and to ensure alignment between security and the enterprise architecture framework as a whole.

· Other duties as assigned by CISO

REQUIREMENTS AND QUALIFICATIONS:

· BA/BS degree with a minimum of five to seven years of experience in a combination of information security and IT

· Professional security certifications are desirable, such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Cloud Security Professional (CCSP), or other similar security-related certifications

· Technical security solution certifications are desirable including Cisco Certified Network Professional - Security (CCNP Security), Cisco Certified CyberOps Professional, and Microsoft 365 Certified: Security Administrator Associate

· Experience in cloud and co-location data center security will be a significant advantage. Microsoft Azure experience will be highly desirable

· Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to speak clearly and concisely on cybersecurity strategy and policy, as well as to be able to convey technical information to individuals of different levels of technical comprehension, ranging from senior management to technical experts

· Fundamental Computer Forensics skills to effectively protect organizations' digital assets and prevent security breaches

· Understanding of regulatory and compliance specifications relevant to FFIEC, PCI-DSS, SOC 1/2 and SOX is desirable

· Strong knowledge of web, mobile, and/or desktop application security vulnerabilities and countermeasures, including the OWASP Top 10

· Experience working with products in the following categories: Enterprise password vaults, Vulnerability scanning and management (Tenable), SIEM (AlienVault etc.), PKI, Application control, Network micro-segmentation, Cloud Security, O365, Azure AD, Manage Azure identities and governance, Identity and Access Management

· Experience working with CISCO Firepower 2120 Threat Defense, CISCO Firepower Management Center for VMware, CISCO ISE, CISCO Stealth Watch, CISCO Umbrella, CISCO AnyConnect Endpoint, CISCO AMP Endpoint

· Ability to distil complex security threats and risks into simple terms for non-security (and even non-technical) stakeholders

· Development experience sufficient to automate repetitive tasks and scale your impact.

· Experience securing networks and infrastructure through firewall design, network segmentation and access (VPNs etc.)

· A desire to learn and self-educate to stay current on best practices and emerging industry trends

· Knowledge of the latest trends and awareness of current hacking techniques and cybercrime

· Knowledge of hacking to know how systems could be breached, and in turn, create effective solutions to prevent attacks

· Highly vigilant and detail-oriented to effectively detect vulnerabilities and risks and quickly identify concerns and implement real-time security solutions to solve and address issues and complications before they expand

· Up-to-date knowledge of information security risk management and cybersecurity technologies, methodologies, and trends in both business and IT

· Proven track record and experience in successfully executing programs that meet the objectives of excellence in a dynamic and highly matrixed business environment

· Strong analytical and problem-solving skills with a proven ability to make decisions and lead through high-pressure, high-stress situations

· Knowledge of common information security and service management frameworks, such as ISO/IEC 27001, ITIL/ITSM, COBIT/ISACA, Cloud Security Alliance as well as those from NIST, including 800-53 and Cybersecurity Control Framework will be a real advantage

· Strong track record of sound judgement and professionally handling highly confidential and sensitive matters

· Experience with ITIL processes highly preferred

· Knowledge and understanding of the relevant legal and regulatory requirements for the Financial and Banking Industry, preferred

Job Type: Full-time

Pay: From $75,000.00 per year

Benefits:

  • 401(k)
  • 401(k) matching
  • Dental insurance
  • Disability insurance
  • Employee assistance program
  • Employee discount
  • Flexible schedule
  • Flexible spending account
  • Health insurance
  • Health savings account
  • Life insurance
  • Paid time off
  • Parental leave
  • Professional development assistance
  • Referral program
  • Tuition reimbursement
  • Vision insurance

Schedule:

  • Day shift