Information Security Engineer III

This position ensures the technological and digital security of the Bank at a high level of ability and technical expertise. Mitigates exposure to data loss and unauthorized access.

Maintains a strong knowledge of information security data protection industry practices, technology, and evolving data loss techniques in order to enhance defenses for the Banks information systems and resources. May oversee less experienced associates in the work group. Responsibilities • Technical Security – The main responsibility is to administer Data Loss Prevention (DLP) tools and processes that secure assigned technical areas and data.

This role will have expertise in creating and maintaining DLP policies/rules at the enterprise level. Also, required to participate in security audits, identify security data loss gaps, and develop and implement risk mitigation solutions. Ensures compliance with necessary protocols, configurations, and procedures. • Security Expertise

• Maintains current strong knowledge of Data Loss Prevention (DLP) technology. Provides guidance on appropriate data loss protocols.
  
  Leads technical projects and may serve as a resource to other business units. Ensures team members are trained on the DLP policy build and administration. • Analysis

• Identifies and evaluates potential data loss egress channels via email, endpoint, web. Compiles data from multiple sources and creates actionable intelligence based on review of analysis. • Issue Resolution

• Investigates and resolves complex, escalated data loss incidents which may include unauthorized access, disclosure, or exfiltration of sensitive data. • Remote eligible. • The base pay for this position is relative to your experience but the range is generally $114,978.00 to $199,296.00 per year. This position is eligible for variable compensation, which may be in the form of incentive, bonus, or commission pay.
  
  Qualifications Bachelors Degree and 6 years of experience in Systems Engineering, Network, or Information Security OR High School Diploma or GED and 10 years of experience in Systems Engineering, Network, or Information Security Skill(s): Knowledge of data security practices, procedures. monitoring and alert tools (SCCM, SCOM, and Splunk), and risk management standards, Knowledge of Active Directory administration and user provisioning, Domain Name System, Group Policy Objects, New Technology File System permissions, File Shares, SharePoint, Lightweight Directory Access Protocol, data loss prevention technologies, encryption technologies, and single sign on technologies. Knowledge of Identity and Access Management concepts and technologies, Ability to clearly communicate risks, threats, and vulnerabilities identified during assessments. Availability to provide after-hours operational support on a rotational basis, with minimal travel Preferred Qualifications: Experience with Microsoft Purview DLP, Zscaler DLP, Microsoft Defender for Endpoint, Microsoft Defender for Cloud Apps, Broadcom Symantec DLP.