Description:
Full Stack Security Engineer
The Full Stack Security Engineer is a key resource within the Corporate Security and Resilience (CS&R) Security Engineering and Architecture (SEA) team. In this role, you are the subject matter expert (SME) who, through independent project engagements and collaboration with internal and external partners, will secure next generation digital Banking and Mortgage solutions. This includes, but is not limited to, critical technologies and capabilities like consumer Banking and Mortgage platforms, commercial Banking and Mortgage platforms, middleware platforms, CI/CD platforms, API driven orchestration and business-centric platforms.
You will be responsible for security engineering activities and helping ensure that security is "built into" the organization's core digital Banking and Mortgage applications and platforms throughout the application and capability lifecycle. You will support critical security activities between CS&R and technology delivery teams and will participate in agile/DevOps project work streams as a security SME representing and engineering digital Banking and Mortgage security solutions. You will also analyze, design, propose and help deliver modernized technology solutions that are appropriate for next generation Banking and Mortgage applications.
This Full Stack Security Engineer maintains current knowledge of modernized computing paradigms, automation/orchestration frameworks, virtualization platforms, security threats and recommends security enhancements and purchases that allow Citizens Bank to deliver the most secure and robust digital Banking and Mortgage applications deployed within the organization and within the cloud.
Responsibilities Include:
• Gaining a comprehensive understanding of the company's digital Banking and Mortgage technology and information systems and capabilities.
• Participation in Agile meetings and timely delivery of project-related artifacts.
• Working on significant and unique issues where analysis of situations or data requires an evaluation of intangibles. Candidate should exercise independent judgment in methods, techniques and evaluation criteria for obtaining results.
• Deployment and configuration of complex applications throughout the project and secure software development lifecycle. Project delivery work may include delivery of AWS solutions, CI/CD tool sets, automation/orchestration platforms, micro-services, cryptographic safeguards, J2E platform software, and deployment of software artifacts, web server setup and configuration, coordination of network and database connectivity.
• Integration of internally developed components (API's, web services, broker services, MQ and Data Power artifacts).
• Remediation of vulnerabilities, close coordination with project testing teams for performance analysis, creation of documentation, and knowledge transfer to support staff.
• Providing guidance and recommendations related to digital security engineering efforts and lead proof of concept (POC) projects.
• Leading in the development and providing guidance during security architecture design activities of new and existing applications.
• Researching and evaluating proposed digital security and business solutions for adherence to documented company standards, policies and regulatory responsibilities.
• Acting as a security SME with regards to strengths and weaknesses of security capabilities and being able to recommend improvements to both software and hardware.
• Assessing emerging digital Banking and Mortgage security technologies against security architecture standards to determine where they fill gaps, overlap with existing solutions or extend capabilities.
Location is not a barrier for this role and while our preference would be to have a chosen candidate with onsite capabilities in one of our corporate headquarters - we are open to remote employment within the United States for an experienced candidate.
Experience and Skills:
• Proficiency in C/C++ Programming and Bash, Python or other scripting languages.
• Familiarity with Information Security frameworks/standards (i.e. CIS, NIST, RFC2196, etc).
• Experience with internal controls, risk assessments, business process and internal IT control testing or operational auditing
• Demonstrated ability leading programs
• Influencing experience at senior levels within an organization
• Excellent verbal and written communication skills
• Industry experiences in financial services, high-tech, and /or healthcare preferred
Education and Certifications:
• Bachelor's degree ( Degree in Computer Science or Computer Engineering preferred)
• CISSP or other relevant industry certifications (TOGAF, ITIL).
• Knowledge of ISO and NIST security standards preferred
Required Skills : Experience and Skills: • Proficiency in C/C++ Programming and Bash, Python or other scripting languages. • Familiarity with Information Security frameworks/standards (i.e. CIS, NIST, RFC2196, etc). • Experience with internal controls, risk assessments, business process and internal IT control testing or operational auditing • Demonstrated ability leading programs • Influencing experience at senior levels within an organization • Excellent verbal and written communication skills • Industry experiences in financial services, high-tech, and /or healthcare preferred Education and Certifications: • Bachelor's degree ( Degree in Computer Science or Computer Engineering preferred) • CISSP or other relevant industry certifications (TOGAF, ITIL). • Knowledge of ISO and NIST security standards preferred
Basic Qualification :
Additional Skills :
Background Check :Yes
Drug Screen :Yes
Notes :
Selling points for candidate :
Project Verification Info :
Candidate must be your W2 Employee :Yes
Exclusive to Apex :Yes
Face to face interview required :No
Candidate must be local :No
Candidate must be authorized to work without sponsorship ::No
Interview times set :Yes
Type of project :Development/Engineering
Master Job Title :Security Engineer
Branch Code :Boston