Corporate Information Security Principal Data Scientist

Bb&T Raleigh , NC 27611

Posted 2 weeks ago

Specific information related to the position is outlined below. To apply, click on the button above. You will be required to create an account (or sign in with an existing account). Your account will provide you access to your application information. Need Help?Should you have a disability and need assistance with the application process, please request a reasonable accommodation by emailing BB&T Accessibility or by calling 866-362-6451. This email inbox is monitored for reasonable accommodation requests only. Any other correspondence will not receive a response.Regular or
Temporary:RegularLanguage Fluency: English (Required)Work Shift:
1st shift (United States of America)Please review the following job description:A highly-skilled, principle data scientist, accountable for leading payment security data and delivery of value driven data decisions for banking and the financial industry. This position will provide day-to-day operational monitoring and efficiencies including providing thought leadership and hands-on technical leadership for applying advanced statistical and machine learning algorithms in the security domain. Accountable for researching, designing, and engineering security solutions related to computer/network infrastructure, software applications, business processes, and people, from initial conceptual design to full production.Do you want to work for a top tier financial institution that places value on both character and innovation? This position is will be reporting to the payment security team dedicated to protecting BB&T. Growth mindsets along with solid security evaluation skills are required for this position. If you are a security professional with proven track record then this position may be right for you. The team currently has innovation experts from around the research industry asking questions about how we creatively solve for the security challenges of the next 10 years while dealing with a rapidly changing payment landscape such as real time payments. These positions will assist the team to ensure that security and trust is a key tenant in all solutions.Design, implement, and tune algorithms that leverage numerous data sources to improve the security posture of critical payment systems. Hands-on expertise in algorithm performance tuning, hands-on optimization of analytic compute environments, and hands-on experience with production datasets in excess of 5TB daily. Efficiently utilize a large cluster of analytic servers to drive security solutions towards Subject matter expert with a demonstrated portfolio / track record of applying statistical and machine learning algorithms to derive actionable intelligence from all of the following: * Machine-generated data (Windows/Unix/Linux operating system logs, netflow, pcap, network firewalls, web application firewalls, intrusion detection systems, load balancers, Citrix, VPN logs, multifactor authentications, middleware solutions, web servers, vulnerability scans);* Banking data (electronic payment systems, customer web portals, accounting systems);* Large-scale corporate IT data (ServiceNow, Archer, System Architect); and * Physical security data (photographs, voice recordings, video surveillance, biometric face/fingerprint/iris data, access control logs, etc.)Design data-driven solutions that ensure legal/regulatory/policy compliance for logging, monitoring, privacy, and data protection.Leverage BB&T's corporate investment in security data analysis to provide revenue-generating business value back to core banking operations.Ability to prioritize and direct the security and data-related workflows of a large, matrixed team to quantitatively minimize financial risk to the bank. Serve as organization spokesperson on specialized projects. Act as a prime technical lead on large projects that affect the organization's long-term goals and objectives. Exercise independent judgment in methods, techniques and evaluation criteria for obtaining results. Provide direction and guidance to others in the group. Work under minimal supervision, with general guidance from management. * Lead the development and integration of technologies in support of Corporate Information Security (CIS). * Partner with architecture and strategy teams on the evaluation, testing, selection, and architectural design of new information security technologies and the integration of existing technologies into new use cases. * Develop/invent highly innovative solutions within multiple information security technologies, theories and/or techniques that impact CIS strategy. * Develop security designs for systems and networks with multilevel security requirements. * Maintain awareness of existing and emerging information security technologies, strategies and trends. * Develop risk mitigation plans to resolve vulnerabilities and recommend security changes to systems, as needed. * Develop high level design documents for new technologies. * Lead the development and maintenance of production support and production hand-off documentation and associated processes. * Ensure current-state documentation is accurate and maintained. * Build strong partnerships with senior management to drive adoption of CIS strategy across IT and other functions.Required Skills and Competencies* MS in Computer Science * Strong functional and technical knowledge of information security capabilities with deep expertise in one or more of the following areas: Encryption, Data Security, Application Security, End Point Security, Identity and Access Management, Windows/Unix/Linux Systems Security, Mainframe Security, Perimeter Security, Network Security, Mobility Security, Cloud Security, Cyber Security, Cryptography, or Authentication Systems * Strong functional and technical knowledge of data science capabilities with deep expertise in one of more of the following areas: linear/logistic regression, support vector machines, random forest, principal component analysis, k-means clustering, time series analyses, neural networks * Fifteen-plus years of industry-recognized information technology experience and technical leadership, including at least five years of direct, hands-on experience applying AI/ML algorithms specifically in the cyber security domain. * Five-plus years of coding experience with Python, R, Java, and/or C++* Experience in building cloud-scale systems and experience working with open source stacks for data processing and data science * Experienced with commercial data science tools such as Splunk and Tableau * Intelligence community and law enforcement experience * Certified Information Systems Security Professional (CISSP) certification * Strong understanding of service lifecycle management, strategic planning and the cyber security * Business acumen and effective communication skills * Ability to establish strong relationships with the corresponding technical community * Ability to serve as a visionary concerning future technological capabilities and operational scenarios; ability to create new business models and technologies * Ability to create change * Ability to unify activities within the BB&T technology community, coordinating with other businesses and engineering organizations, as needed * High level of skill in written and verbal communication * Knowledge of financial services industry and all applicable regulations and industry standardsEssential Duties and

Responsibilities:
Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.1.Lead the development and integration of technologies in support of Corporate Information Security (CIS).2.Partner with architecture and strategy teams on the evaluation, testing, selection, and architectural design of new information security technologies and the integration of existing technologies into new use cases.3.Develop/invent highly innovative solutions within multiple information security technologies, theories and/or techniques that impact CIS strategy.4.Develop security designs for systems and networks with multilevel security requirements.5.Maintain awareness of existing and emerging information security technologies, strategies and trends.6.Develop risk mitigation plans to resolve vulnerabilities and recommend security changes to systems, as needed.7.Develop high level design documents for new technologies.8.Lead the development and maintenance of production support and production hand-off documentation and associated processes.9.Ensure current-state documentation is accurate and maintained.10. Build strong partnerships with senior management to drive adoption of CIS strategy across IT and other functions.11. Demonstrated proficiency in basic computer applications, such as Microsoft Office software products12. Ability to travel, occasionally overnightBB&T is an Equal Opportunity Employer and considers all qualified applicants regardless of race, gender, color, religion, national origin, age, sexual orientation, gender identity, disability, veteran status or other classification protected by law.EEO is the Law Pay Transparency Nondiscrimination Provision E-Verify
icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Apps Systems Engineer / Information Security

Wells Fargo

Posted 3 days ago

VIEW JOBS 10/20/2019 12:00:00 AM 2020-01-18T00:00 Job Description Important Note: During the application process, ensure your contact information (email and phone number) is up to date and upload your current resume prior to submitting your application for consideration. To participate in some selection activities you will need to respond to an invitation. The invitation can be sent by both email and text message. In order to receive text message invitations, your profile must include a mobile phone number designated as "Personal Cell" or "Cellular" in the contact information of your application. At Wells Fargo, we want to satisfy our customers' financial needs and help them succeed financially. We're looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you'll feel valued and inspired to contribute your unique skills and experience. Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you. Wells Fargo Technology sets IT strategy; enhances the design, development, and operations of our systems; optimizes the Wells Fargo infrastructure footprint; provides information security; and enables continuous banking access through in-store, online, ATM, and other channels to Wells Fargo's more than 70 million global customers. Wells Fargo Technology's Information Security team is looking for an Applications Systems Engineer (ASE) to join our Cyber Threat Engineering Team (CTE) as part of the Cyber Threat Management (CTM) organization. The position provides technical consultation, support, and custom development for Wells Fargo's incident response, patch & vulnerability reporting tools. Analyzes business requirements, designs and writes technical specifications to create original, and update existing, security control content. Verifies program logic to provide quality assurance by: overseeing the preparation of test data, creating test plans, participating in overall systems testing, and debugging of solutions for CTE, including updating and testing of the business continuation plan. Develops new documentation, procedures, troubleshooting and user guides. Responsible for following work flow processes, reporting, and peer reviews. Is available as an escalation point for application support and troubleshooting, in resolution of escalated production issues or system problems. May provide guidance and direction to less experienced and non-technical team members. The ideal candidate will work with an existing team of content engineers to develop solutions that combat or detect cyber threats that are in existence or emerging. Solutions that supports Wells Fargo's cyber security strategies with regards to vulnerability & exploit research, control gap testing, attack simulation, and proactively identifying indicators of compromise (IOCs) that can help deter cyber-based attacks against Wells Fargo and its business operations and subsidiaries. The person selected will be required to make informed and data driven decision of emerging technologies that can further enhance the platform. Specifically, the position develops custom content, module configurations, and rules, that provide high fidelity information for security event creations and risk mitigation. Content and solutions may include: cross-platform scripts or sensors, data transformation scripts, rules for endpoint detection & response, file integrity monitoring, plus configurations for file indexing, process recording, and compliance. Additionally, partners with CTE infrastructure/operations team to promote content and configurations to test and productions environments. Responsibilities include: 1. Write complex queries to retrieve the system information from all endpoints. 2. Develop scripts (e.g. Bash, PowerShell, Python, Shell, VBScript, or WMI) that will: a. Retrieve specific Windows or Linux/Unix information related to files, running/installed applications, processes, network connections, etc. b. Integrate/interact with other applications and security tools via application program interfaces (API). c. Provide data transform scripts that parses data for formatted output as needed (e.g. JSON, XML, Syslog, etc.) so that data can be ingested into data repositories (e.g. SQL, Splunk, Elastic, MongoDB, InfluxDB, etc.) 3. Create packages that determine installed software and patch levels, or versions, of applications installed on endpoints. 4. Write configuration rules for security tools that will detect and alert on process and/or network behaviors, configuration or file changes, and compliance checks, which should be forwarded for security event creation or further analysis by security operations teams. 5. Engineer Data Processing Flows, languages and standards 6. Produce Functional System Design Documents 7. Document and demonstrate solutions by writing documentation, diagrams and code comments 8. Debug and document existing systems through code analysis 9. DevOps development lifecycle using Agile framework 10. Collaborate effectively with both technical and non-technical stakeholders 11. Ability to handle confidential material in a professional manner Required Qualifications * 5+ years of application development and implementation experience * 3+ years of experience with scripting languages such as Bash, PowerShell, Python, Shell, VBScript, or JavaScript * 1 + years of experience with network security, endpoint security, or security threat vectors * Experience with Waterfall and Agile project methodologies Desired Qualifications * Excellent verbal, written, and interpersonal communication skills * Experience utilizing PowerShell, Bash, Perl, or Python to automate complex manual tasks * Knowledge and understanding of API programming with Perl, XML, REST or JSON * 1+ year of Splunk experience * 1+ year of Agile experience * 1+ year of JIRA experience * Ability to execute in a fast paced, high demand, environment while balancing multiple priorities * Experience working in a large enterprise environment * Experience with change Management * Experience analyzing large data sets * Knowledge and understanding of business requirements gathering and translation to technical requirements * Ability to prioritize work, meet deadlines, achieve goals, and work under pressure in a dynamic and complex environment * Strong analytical skills with high attention to detail and accuracy * Experience with Agile Scrum (Daily Standup, Sprint Planning and Sprint Retrospective meetings) and Kanban * Knowledge and understanding of Splunk * Experience with Security Information and Event Management (SIEM) products * Knowledge and understanding of information security log management system * Experience using the team collaboration software Confluence * Knowledge and understanding of technical documentation: impact analysis, detailed designs and unit test plans * Ability to work effectively, as well as independently, in a team environment * Strong organizational, multi-tasking, and prioritizing skills * Customer service focus with the ability to respond to requests in a timely manner * Ability to present complex material in a digestible, consumable manner to all levels of management Job Expectations * Ability to work additional hours as needed * Ability to work weekends and holidays as needed or scheduled Street Address NC-Winston Salem: 809 W 4 1/2 St - Winston Salem, NC NC-Charlotte: 401 S Tryon St - Charlotte, NC NC-Charlotte: 1525 W Wt Harris Blvd - Charlotte, NC NC-Raleigh: 1100 Corporate Center Dr - Raleigh, NC Disclaimer All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act. Relevant military experience is considered for veterans and transitioning service men and women. Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation. Wells Fargo Raleigh NC

Corporate Information Security Principal Data Scientist

Bb&T