Avp, Information Security Perimeter Defense Analyst

Synchrony Financial Kettering , OH 45429

Posted 2 weeks ago

Job Description:

Role Summary/Purpose:

Perimeter Defense Analyst will focus primarily on the analysis and implementation of firewall and proxy policy and the identification, tracking and remediation of risks related to network security infrastructure.

Essential Responsibilities:

  • Responsible for management/design/governance around the Firewall and Proxy technology listed here: Cisco ASA Policy, VMware NSX DFW and ESG Policy, Akamai Web Application Firewall Policy, Amazon AWS Security Groups, Palo Alto Firewall Policy, and BlueCoat Policy.

  • Analyze Firewall Rule and Web Proxy Policy configuration to ensure continued compliance and operational effectiveness and efficiency. (NICE K0135)

  • Implement security compliance strategies including: (NICE A0035)

  • Review and understand traffic patterns as reported by logs (NICE T0154)

  • Evaluate and document the needs for new firewall/proxy rules (NICE S0185)

  • Draft proposed rules for implementation (NICE S0097)

  • Demonstrable ability to discuss with other IT personnel who as less network-savvy the development of a least-privilege firewall security rulebase fitting the requirements of their application, identifying access that may be excessive or not compliant with existing Company Policies, Standards, best practices and guidance (NICE A0064)

  • Monitor usage of the new and existing rules to identify need for additional rule adjustments and make recommendations, review impact and submit changes in support of the elimination of unused/stale rules (NICE T0154 and NICE S0304)

Work with the Perimeter Defense Lead, the business, network and other IT teams that are proposing changes that impact Synchrony network security controls to ensure that the teams follow defined security standards.

  • Support incoming security requests including:

  • Gain knowledge of the security posture of the organization and be able to identify and escalate to management if incoming requests appear to be non-compliant with existing standards, guidelines and/or best practices. (NICE T0079)

  • Develop and Implement solutions that conform to existing standards, guidelines and best practices. (NICE A0033)

  • Identify and evaluate, if necessary, alternative solutions weighing the risks of the solutions and make recommendations to management (NICE T0106)

  • Perform firewall rule and proxy policy periodic review activities ensuring appropriate owner's evidenced approvals and perform remediation activities while ensuring no business impact (NICE T0904)

  • Perform cybersecurity defense incident triage, to include determining scope, urgency, and potential impact; identify the specific vulnerability; and make recommendations that enable expeditious remediation (NICE T0163)

  • Develop and utilize metrics to track the performance and efficiency of security operations requests processes, remediation efforts, and associated technologies (NICE T0975)

  • Identify potential process improvement projects and serve as a change agent (NICE S0296)

  • Ensure that expectations are met and ensure high customer satisfaction levels through established metrics against SLAs (NICE T0349)

  • Design SIEM/Splunk queries to provide insight into operational effectiveness and help identify risks/threats. (NICE S0004)

  • Support the design and implementation of procedures and controls necessary to ensure and protect the safety and security of all information systems assets, including prevention of intentional or inadvertent access, modification, disclosure, or destruction (NICE A0034)

  • Collaborate with management in developing technical directions, setting objectives, and setting realistic and challenging goals (NICE T0001)

  • Perform other duties and/or special projects as assigned

Qualifications/Requirements:

  • Bachelor's degree and a minimum 2 years of work experience or Computer Science, Information Technology or related field OR in in lieu of a degree, a High School Diploma/GED and minimum 4 years equivalent work experience

  • A minimum of 3 years of experience in Information Technology, Information Security Operations, Information Assurance, and IT Auditing

  • Minimum of 2 years' experience working in a large, complex network environment.

  • Minimum of 2 year of working knowledge of Enterprise firewall access list management, Web Proxy technology, routers, switches, VPNs, routing, network address translation, PAC files and DNS, and CDNs (NICE K0001)

Desired Characteristics:

  • Results driven, strategic, conceptual, and innovative thinker

  • Must have strong verbal and written communication skills (NICE A0014)

  • Highly analytical, detail-oriented, and strong problem solving with a common sense approach to resolving problems (NICE T0207)

  • Expertise to clearly define complex issues despite incomplete or ambiguous information (NICE A0080)

  • Prior security operations experience and/or experience working with the following firewall/proxy technology: VMware NSX DFW and ESG Policy, Akamai WAF Policy, Amazon AWS Security Groups, Cisco ASA Policy, PaloAlto Firewall Policy, BlueCoat Policy (NICE S0084)

  • Experience working with SIEM tools such as Splunk and ability to develop your own Splunk query (NICE A0159)

  • One or more relevant security certifications (CISSP, CCNA, CCNE, CISM, etc.) (NICE K0001)

  • Experience working in a regulatory environment

  • Proficient with any scripting language such as Python, Powershell, or Rest and experience using these languages to assist in the management or automation laborious/repetitive work (NICE S0130)

  • Excellent consulting skills and superior ability to develop and maintain effective client relationships (NICE A0011)

  • Ability to work independently as well as part of a team (NICE A0098)

Eligibility Requirements:

  • You must be 18 years or older

  • You must have a high school diploma or equivalent

  • You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the onboarding process

  • You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.

  • New hires (Level 4-7) must have 9 months of continuous service with the company before they are eligible to post on other roles. Once this new hire time in position requirement is met, the associate will have a minimum 6 months' time in position before they can post for future non-exempt roles. Employees, level 8 or greater, must have at least 24 months' time in position before they can post. All internal employees must have at least a "consistently meets expectations" performance rating and have approval from your manager to post (or the approval of your manager and HR if you don't meet the time in position or performance requirement).

Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

Reasonable Accommodation Notice:

  • Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.

  • If you need special accommodations, please call our Career Support Line so that we can discuss your specific situation. We can be reached at 1-866-301-5627. Representatives are available from 8am 5pm Monday to Friday, Central Standard Time.

The salary range for this position is 60,000.00 - 130,000.00 USD Annual

Salaries are adjusted according to market in CA and Metro NY and some positions are bonus eligible.

Grade/Level: 10

Job Family Group:

Information Technology


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Avp Email Security Engineer

Synchrony Financial

Posted 2 days ago

VIEW JOBS 4/16/2019 12:00:00 AM 2019-07-15T00:00 Job Description: Role Summary/Purpose: The email security engineer is responsible to provide troubleshooting, maintenance, and configuration for Symantec Mail Gateways and Proofpoint email solutions. The engineer will collaborate with internal teams to provide a secure and resilient email platform and reduce risk presented by fraudulent or malicious email. Essential Responsibilities: * Administration of Symantec Mail Gateways, Proofpoint, and Email Fraud Defense * Identification and resolution of incidents impacting email * Maintaining ACL, configuration, and policies * Support and assist the SOC and CIRT with security incidents and to design new policies to identify and mitigate risk * Participate in providing documentation to ensure a well-managed and mature security infrastructure * Perform other duties and/or special projects as assigned Qualifications/Requirements: * Bachelor's degree in Computer Science/Engineering or related field, with a minimum of 3 years of experience in Information Technology; OR 2) In lieu of the Bachelor's degree, a minimum of 7 years of experience in Information Technology * Minimum 3 years of previous mail gateway experience * Experience configuring email and authentication (SMTP, SPF, DKIM, DMARC, DNS) * Troubleshooting email in large and complex environments Desired Characteristics: * Familiarity with Symantec Mail Gateway * Previous Proofpoint administration * Understanding of network, protocols, troubleshooting * O365 migration experience * Good understanding of security landscape as a whole * Creativity and individual thinking, and the ability to work both with a team and unsupervised * Strong and efficient problem-solving and analytical skills * Willingness to learn * Ability to work under pressure and sustain productivity with multiple simultaneous projects * Familiarity with problem and incident management, change management, notifications, and basic operational understanding of running and maintaining infrastructure * Good teamwork, oral and written communication Eligibility Requirements: * You must be 18 years or older * You must have a high school diploma or equivalent * You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the onboarding process * You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act. * New hires (Level 4-7) must have 9 months of continuous service with the company before they are eligible to post on other roles. Once this new hire time in position requirement is met, the associate will have a minimum 6 months' time in position before they can post for future non-exempt roles. Employees, level 8 or greater, must have at least 24 months' time in position before they can post. All internal employees must have at least a "consistently meets expectations" performance rating and have approval from your manager to post (or the approval of your manager and HR if you don't meet the time in position or performance requirement). Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status. Reasonable Accommodation Notice: * Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment. * If you need special accommodations, please call our Career Support Line so that we can discuss your specific situation. We can be reached at 1-866-301-5627. Representatives are available from 8am – 5pm Monday to Friday, Central Standard Time. The salary range for this position is 60,000.00 - 130,000.00 USD Annual Salaries are adjusted according to market in CA and Metro NY and some positions are bonus eligible. Grade/Level: 10 Job Family Group: Information Technology Synchrony Financial Kettering OH

Avp, Information Security Perimeter Defense Analyst

Synchrony Financial