OverviewThe cybersecurity engineer has a dual role in the Bank: a responsibility for architecting, building, and maintaining secure environments and applications that are designed to protect the Bank's networks, data and digital assets from risk. In addition, a responsibility for monitoring, detecting, and responding to security related risks. Their primary focus is strengthening defenses, identifying vulnerabilities and weaknesses, responding to threats, and implementing measures to continually strengthen the Banks security posture.
Responsibilities- Threat Hunting, Monitoring, Detection, and Response:
- Monitor security alerts and dashboards (SIEM, Vulnerability Management, , etc.) for suspicious activity.
- Triage and respond to security incidents. Escalate to senior analysts or the incident response team when necessary.
- Investigate and document security observations/incidents, ensuring resolution.
- Analyze logs, network traffic, and endpoint activity for signs for malicious behavior.
- Perform regular vulnerability assessments and prioritize risk within the network, system, and applications.
- Create formal incidents and support the investigation of such incidents.
- Conduct Security Assessments: Perform regular security audits, vulnerability assessments, and penetration testing to identify and mitigate potential risks.
- Correlate telemetry data from security systems to identity cyber threats, risk patterns, and control weaknesses.
- System & Security Application Administration:
- Implementation, secure configuration, and ongoing management of the Bank's security environments and applications. Examples of systems/functions a Cyber Security Engineer may be responsible for are firewall management, IDS/IPS, perimeter security, protective DNS, vulnerability detection/response, secure email and spam protection, application whitelisting, remote access, etc.).
- Server ownership - building, hardening, securing, and ongoing management of assigned server assets.
- Identifying and mitigating vulnerabilities on assigned assets.
- Ensures assigned systems and required data is backed up successfully.
- Ensures adherence to IT security control requirements.
- Security Application ownership
- Effective configuration of application functionality, detection, and mitigation abilities.
- Identifying and mitigating vulnerabilities on assigned applications.
- Review system, application, and security logs across assigned systems to ensure that all are functional and secure.
- Manages and leverages third party vendor relationships as required.
- Participates in the planning and execution of the Business Continuity and Disaster Recovery Plan.
- Ensures assigned systems and applications are prepared for planned or unplanned DR failover.
- Manages and communicates system and applications changes using the change management process.
- Track and understand emerging security practices and threats. Leverage this knowledge to improve security configurations across the enterprise and hunt for potential or active threats.
RequirementsEducation
- Bachelor's Degree in computer science, information systems or equivalent work experience is required
Work Experience
- Experience managing and securing Microsoft Windows or Linux is is required
- 5+ years experience supporting security components and applying security best practices across an enterprise application/network infrastructure is required
Knowledge, Skills, and Abilities
- Working knowledge of IT security controls and how to manage their effectiveness.
- Strong understanding of cybersecurity protocols, including intrusion detection systems, firewalls, patch management, and vulnerability management.
- Formal technical training on Microsoft technologies, Network Operating Systems and Internet perimeter components required.
- Working knowledge of CIS Top 18 Controls or alternative security frameworks.
- Certified Information Systems Security Professional (CISSP) desired but not required.
- An ability to perform independent analysis of complex problems and distill relevant findings and root causes
- Must possess excellent analytical, organizational and documentation skills.
- Experience analyzing and interpreting alert notifications from organizations such as FS-ISAC and CERN
Licenses and Certifications
- Industry standard certification required in a technical discipline to include one of the following Network Operating System (Microsoft), or Network infrastructure, or Information Security. Required
Expected Pay RangeThe expected annual pay range for this role is $76,463 to $135,731. This pay range is the annual salary we in good faith expect to pay for this role at the time of posting. Actual compensation paid may fluctuate higher or lower than the posted range and the range may be modified in the future due to several factors including, but not limited to, relevant experience, certifications, and qualifications, internal equity, adjustments to the requirements and responsibilities of the job, business needs, and economic and market data.