Cyber Security Engineer III
Role details
Job location
Tech stack
Job description
- Proactively hunt for IOCs and IOAs across endpoints, networks, and cloud environments
- Develop hypotheses based on attacker tactics and techniques and use behavioral analysis to identify anomalous patterns related to authentication and access
- Collaborate with team members to investigate suspicious activity
- Perform Incident Response and event management, including Incident remediation protocol, lessons learned, and process improvement/efficiency
- Perform Intrusion prevention, administration of Information Security IPS systems, phishing monitoring and anti-phishing practices
- Handle remote access maintenance, administration and configuration
- Participate in the Internet Monitoring process in addition to Data Loss Prevention
- Perform Firewall administration, policy configuration and management of web application firewalls, VPN configuration and administration
- Perform Anti-virus anti-malware system maintenance and best practices configuration
- Perform Internal customer service related to access requests, troubleshooting, and problem resolution
- Promote awareness of applicable security standards, policy, and best practices across the Bank
- Perform other duties as assigned
Requirements
- Strong knowledge of Firewall, WAF, Virtual Private Network and Remote Access systems administration
- Strong knowledge of Internet Monitoring and Vulnerability Management systems
- Strong ability to administer IPS/IDS, SIEM technologies, Anti-Virus, and Data Loss Prevention systems
- Ability to work with threat intelligence, developing proactive best practices, monitoring and alerting, and remediation
- Strong project management skills or experience working within Information Security project implementations
- Motivated and organized self-starter with strong attention to detail and the ability to manage multiple priorities.
- Inquisitive, agile and strong team player with excellent written, verbal and interpersonal communication skills.
- Ability to remain adaptable and resilient to all situations with an optimistic outlook and cast a positive shadow that is aligned with our culture and Core Values.
- Intermediate level proficiency with Microsoft Word, Excel and Outlook, * Bachelor's Degree in Information Systems, Computer Science, Information Security, related field or equivalent combination of education and experience required
- 5+ years IT security or information security experience with ability to engage with internal customers and management required
- 5+ years experience conducting incident response remediation and process protocol required
- 5+ years experience in administering firewall, WAF, and Virtual private network systems/appliances required
- Windows and Linux workstation, server administration, and scripting experience required
- Prior experience working within a financial services organization preferred
- Certified Information Systems Security Professional (CISSP), or related certification preferred
*Remote Schedule: In office 1 day per week
**Must be eligible to work in the US without sponsorship now or in the future
***For individuals applying, assigned and/or hired to work in areas with pay transparency requirements, Commerce is required by law to include a reasonable estimate of the compensation range for some roles. This compensation range is for the Cyber Security Engineer III job and contemplates a wide range of factors that are considered in making compensation decisions, including but not limited to location, skill sets, education, relevant experience and training, licensure and certifications, and other business and organizational needs. The disclosed range estimate has not been adjusted for any applicable differentials (geographic, bilingual, or shift) that could be associated with the position or where it is filled. At Commerce, compensation decisions are dependent on the facts and circumstances of each situation. A reasonable estimate of the current base pay is $44.70 to $52.40 per hour. This position will be eligible for additional compensation through performance-based incentive plan(s) that will correspond to meeting performance goals.