Cyber Security Engineer, responsible for helping to define, drive, and deliver major components of the firm’s User Security strategy. Work with the Program leader on complex, multi-million dollar projects that deliver world-class User/Data Protection controls in support of strategy. Knowledge and experience with information security controls, infrastructure and implementation techniques. Demonstrated exceptional organizational and cross-functional communication skills to drive data loss prevention best practices across the Enterprise.
Works with Global Information Security (GIS) senior leaders to assist with defining the strategy and roadmaps for technology products, service standards, and governance routines that impact the global Corporation. Partners with leadership across the firm to design controls, governance routines and service alternatives that improve the firm’s defenses against Insider risks. Directs multiple, major technology teams within Global Technology that research, engineer, test, implement, communicate, monitor, and maintain solutions supporting the Bank’s information security policies and/or procedures. Utilizes in-depth knowledge and business requirements to design & engineer secure solutions to meet customer / client needs or address critical audit findings while protecting the Bank's data assets. Works with the organizational spokesperson/s interacting with othertechnology or business groups to drive adoption of controls that support the strategy. Works independently with assistance, direction and goal setting from the Information SecurityTechnology Senior Manager.
Required Skills & Experience:
- 3-5 years experience within the financial services, 5+ years’ experience in Information Security and/or related technology field.
- Deep experience with Insider Threat as a focus area within Information Security.
- Knowledge of User and Entity Behavior Analytics and associated technologies.
- Familiarity Unstructured Data inspectiontechnology.
- Experience and hands on knowledge with Data Loss Prevention security controls.
- Experience Web Proxy controls.
- Experience with Microsoft Office suite including MS Project and Visio.
- Ability to navigate and work effectively across a complex, geographically dispersed organization.
- Exceptional communication and customer relationship skills.
- Ability to build consensus and cooperation as well as the ability to influence, interact and negotiate with senior leadership in the organization.
- Broad knowledge of change and project management methodologies and principles and the ability to integrate them into project design.
- Broad knowledge of Information Securitytechnologies, techniques and processes.
- Familiarity with Six Sigma tools and vocabulary.
- Experience in managing complex technical projects, meeting target timelines, facilitating project meetings, authoring project documentation, issue resolution, and project resource identification.
- Demonstrated ability to self-direct project outcomes, with minimal supervision to achieve program goals.
- Excellent process design capability to improve overall efficiency, mitigate resource conflicts, and improve customer/client experience.
Desired Skills & Experience:
- Bachelors / Master's degree within an Engineering discipline.
- CCNA, CISSP, CISA or equivalent.
- Familiarity with Data Classification and Information Rights Management concepts and strategies, cloud discovery and encryption, and Data Loss Prevention (DLP) strategies for cloud/SaaS applications.
- Experience across a variety of Information Security and technology disciplines, including infrastructure and applications.
- Six Sigma Green or Black Belt certification.
- Vendor/3rd party management experience.
- Ability to effectively collaborate with leadership to document complex topics into an effective presentation
Enterprise Role Overview:
As an experienced professional, provide advice to client management with regard to moderately complex security issues. Assists in the review, development, testing and implementation of security plans, products and control techniques. Coordinates the reporting data security incidents. Provides technical support to the client and management and staff in risk assessments and implementation of appropriate data security procedures and products. Monitors existing and proposed security standard setting groups. State and Federal legislation and regulations. Identifies and escalates changes that will affect information security policy, standards and procedures. Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs. Researches attempted efforts to compromise security protocols. Administers security policies to control access to systems and maintains the company firewall. Works on complex problems where analysis of situations or data requires an in-depth evaluation of various factors. Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results. Work leadership may be provided by assigning work and resolving problems. Typically 5-7 years of IT experience.
Job number: 17075775