US Citizen's and those authorized to work in the US are encouraged to apply. We are unable to sponsor at this time.
Perform day to day engineering duties related to Firewall, Proxy, VPN and Endpoint Security. Engineer solutions for business requests, test new hardware/software in lab environment and deploy to Production environment.
This position is responsible for Cyber Defense technologies and related services used to mitigate the organization's exposure to Advanced Persistent Threats (APT), Advanced Evasion Techniques (AET), hacktivism, cyber-crime, other forms of online attacks and unauthorized access targeting the financial services industry.
Position is responsible for engineering of technology supporting use in the following Information Security Services:
Perform the day to day engineering, management and administration to protect the confidentiality, integrity, and availability of information assets and technology infrastructures of the organization using one or more of the following technologies ;
Program activities include:
1.Implement changes that adhere to the network security architecture that includes distinct zones to separate internal, external, and DMZ traffic segments to limit impact, should a security incident occur
2.Continually maintain and enhance the Banks security through the use of risk mitigation tools and techniques in order to enable secure integrated information systems that support the customers, clients, and Banks financial growth.
3.Participate as an active member in technical team to recommend and implement effective security configurations.
4.Participate in the change management process to ensure that firewall, web proxy, and other perimeter security tools enforce network security architecture decisions
5.Administer process and tools to detect, remove and defend against malicious software
6.Administer processes and tools that only permits trusted software to run on a device (whitelisting)
7.Administer processes and tools to prevent certain software from running on a device (blacklisting)
8.Administer processes and tools to identity unauthorized changes to secure configurations
9.Administer processes and tools to encrypt sensitive data
Knowledge of data security practices and procedures.
*Knowledge of database administration, programming, and systems analysis procedures.
*Knowledge of risk management standards and procedures.
*Thorough knowledge of database software and operating systems.
*Proven ability to develop and implement information security strategies in large, complex organizations
*Highly effective in developing and communicating audience appropriate information to technical, management, and executive audiences
*Proven ability to anticipate and lead the response to cyber threats, attacks and vulnerabilities
*Ability to lead and perform risk analysis for vulnerabilities, incidents and change management requests
*Proven ability to quickly analyze large amounts of often conflicting data and make sound decisions in extremely stressful situations
*Proven ability to build and maintain strong enterprise relationships with internal and external teams/resources
*Prior experience that includes successful design, implementation and operation of enterprise information security service capabilities and functions in large scale, technically complex organizations
*Experience with large and complex technical infrastructure networks
*Strong knowledge of various platform technologies including internet, network, distributed systems, desktop computing, voice, and threat management technologies
*In depth experience with enterprise security controls including malware, protection, firewalls, intrusion detection systems, content filtering, internet proxies, encryption controls, and log management solutions
*In-depth understanding of TCP/IP networking, including routers, switches, public/private networks, internet protocol security (IPSec), and virtual private networks (VPN) and Unix experience
*Demonstrated Advanced knowledge with Packet Capture and analysis
*Ability to work as part of a team and independently with limited supervision
*Ability to prioritize work and meet deadlines
Firewalls, McAfee, Web Gateway, VPN, User VPN, Cisco, Palo Alto, Fortinet
Vaco - Raleigh