Staff Security Engineer

The Staff Security Engineer works under limited supervision and will perform information security tasks commensurate with their experience that ensure applications and projects meet defined quality standards.

Essential Job Functions:

1. Apply established processes and techniques to identify, validate, and prioritize security risks.
2. Architect and design security control systems to address requirements.
3. Operate and monitor established security controls.
4. Ensure that controls are operating effectively; resolve operating discrepancies.
5. Review, triage, and prioritize control output. Recommend actions to resolve identified security discrepancies.
6. Evaluate and recommend new security technologies, techniques, and tools.
7. Review and help define information security policies, standards, guidelines, and procedures.
8. Monitor and enforce compliance with internal and external regulations, policies, and standards. Recommend strategies to ensure that compliance is effectively monitored and enforced.
9. Lead / Co-lead internal project/program level process improvement initiatives. Provide feedback on processes by offering suggestions.
10. Informally mentor more junior staff.
11. Assist with adherence to technology policies and comply with all security controls.
12. Ensure all work products meets /exceeds FINRA standards.

Education/Experience Requirements:

1. Bachelor’s degree in Computer Science, Information Systems or related discipline with at least three (3) years of related experience, or equivalent training and / or work experience.
2. Experience must include direct experience in more than one of the following areas: securing networks and systems architecture, design and implementation, secure software assurance, intrusion detection, defense and incident response, security configuration management, access controls design and implementation and security policy and standards development.
3. Knowledge of communications protocols.
4. Experience with one or more Cyber Security tools, including: Configuration Assessment, Log Aggregation, Integrity Verification, Web Application Security Testing, Network Access Control System, Network Intrusion prevention systems, and Endpoint Security Solutions.
5. Strong written and verbal technical communication skills.
6. Demonstrated ability to develop effective working relationships that improved the quality of work products.
7. Should be well organized, thorough, and able to handle competing priorities.
8. Ability to maintain focus and develop proficiency in new skills rapidly.
9. Ability to work in a fast paced environment.
10. Solid knowledge of more than one Information Security principle and discipline.

Work Conditions:

1. Work is normally performed in an office environment.
2. Occasional travel and extended hours may be required.

To be considered for this position, please submit an application. Applications are accepted on an ongoing basis.

The information provided above has been designed to indicate the general nature and level of work of the position. It is not a comprehensive inventory of all duties, responsibilities and qualifications required.