This job is responsible for supporting multiple security engineering efforts to deliver enterprise security capabilities. Key responsibilities include serving as a subject matter expert of security technology, overseeing major engineering milestones including the design, development, and implementation of systems, and reporting on key metrics. Job expectations include executing on engineering initiatives, partnering with cross-functional teams, solving complex issues within one or more security domains, and mentoring team members.
Responsibilities:
- Serves as a subject matter expert for one or more engineering initiatives
- Designs, develops, and implements systems to contribute to the protection of system boundaries, harden computer systems and network devices against attacks, and secure sensitive data
- Drives complex technical information security projects to ensure on-time delivery and identifies and raises risks and potential vulnerabilities at all stages of the security engineering process
- Leverages broad knowledge of information security technologies, techniques, and processes and prepares to grow knowledge within one or more security-engineering domains
- Leads the identification, definition, and documentation of system security requirements
- Leads work efforts with a diverse set of stakeholders with varying priorities to debate and negotiate paths forward
- Drives the development and execution of test plans to produce quantitative results and thinks outside the box to develop and implement multiple solutions to complex problems
Qualifications:
- Knowledge of scripting languages (e.g. Powershell, Python, Perl, JavaScript)
- Knowledge with Data at rest crypto, i.e - Key Management/Lifecycle
- Strong understanding of key exchange protocols and message authentication codes, along with practical implementation experience.
- Familiarity with modern security protocols such as TLS and SSH.
- Deep knowledge of Post Quantum Cryptography and its implications on system security and encryption.
- Familiarity with NIST, ISO, PCI-DSS standards
- Knowledge Cloud Service Providers and key protection
- Excellent communication skills, with the ability to effectively convey complex cryptographic concepts to both technical and non-technical stakeholders.
- Strong analytical and problem-solving abilities, with a keen attention to detail.
- Proven ability to work collaboratively in a team-oriented environment.
- Experience working with an Agile delivery team
- Understanding of production system management
- Experience with managing risk, security, and other compliance deliverables
- Experience with assisting with audit exams and risk assessments for the applications.
- Experience working closely with vendors for vendor applications to ensure their applications meet bank requirements.
- Interface with technology infrastructure teams for infrastructure requirements like requests for additional storage
Skills:
- Influence
- Result Orientation
- Solution Design
- Stakeholder Management
- Technical Strategy Development
- Access and Identity Management
- Critical Thinking
- Cyber Security
- Information Systems Management
- Risk Management
- Collaboration
- DevOps Practices
- Financial Management
- Solution Delivery Process
- Test Engineering
1st shift (United States of America)