Security Engineer - Cybersecurity Infrastructure...
Role details
Job location
Tech stack
Job description
Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.
-
Designs and implements cybersecurity solutions that protect critical assets within the job area, contributing to the technical design and implementation approach while following established strategies and patterns.
-
Performs threat modeling, security testing, and penetration testing for the platforms and services in scope, using structured analysis to identify and remediate significant vulnerabilities.
-
Integrates and configures information security technologies in production environments, implementing and refining configuration patterns, automation, and handoff steps for assigned systems or services.
-
Serves as a technical escalation point within the team for challenging security issues, investigating root causes and developing practical, reusable fixes that improve team workflows.
-
Evaluates relevant security threats, tools, and design options, and provides input that helps shape technical plans, priorities, and goals for the job area.
-
Collaborates closely with product and engineering teammates to apply security architecture guidance, secure by design practices, and governance controls in day-to-day development activities.
-
Develops and maintains security baselines, guardrails, and control implementations for systems and applications in the area of responsibility, helping support regulatory and policy compliance.
-
Leads the technical execution of incident response and basic forensic activities for services in scope, following playbooks, coordinating tasks with teammates, and suggesting improvements to procedures and tooling.
-
Provides guidance, coaching, and informal training to other security engineers and technical teammates, sharing best practices through design and code reviews and knowledge sharing sessions.
-
Leads significant security engineering workstreams or end-to-end processes within the job area, coordinating contributions from lower level technical professionals and reviewing outputs for quality and alignment.
Requirements
Language Fluency: English (Required)
Work Shift:
1st shift (United States of America)
Please review the following job description:
Come join a growing team that is responsible for the design/engineering/operation of the following foundational infrastructure technology services:
-
Microsoft Active Directory Domain Services
-
Microsoft Active Directory Federation Services (ADFS)
-
Microsoft Active Directory Certificate Services
-
Microsoft DHCP
-
Microsoft DNS
-
Microsoft Entra Connect
-
Microsoft Distributed File System (DFS)
-
Microsoft Key Management Services (KMS)
-
Microsoft Identity Manager (MIM)
-
Microsoft Remote Desktop Licensing (RDL)
-
Symantec product suite
-
Quest product suite
-
Cisco Identity Services Engine (ISE)
For this opportunity: Truist will not sponsor an applicant for work visa status or employment authorization, nor will we offer any immigration-related support for this position (including, but not limited to H-1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN-1 or TN-2, E-3, O-1, or future sponsorship for U.S. lawful permanent residence status.)
This position is office-centric 5 days a week in one of the following offices. (Atlanta/GA, Charlotte/NC, Raleigh/NC, or Wilson, NC.), The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
-
Bachelor's degree or equivalent education, training, and work-related experience.
-
Minimum of 5 years of experience in security engineering or related cybersecurity roles.
-
Advanced knowledge in cybersecurity principles, theories, and concepts.
-
Proven experience in software development lifecycle security practices.
-
Advanced knowledge of threat modeling, security testing, and penetration testing.
-
Experience implementing and managing complex information security technologies.
Preferred Qualifications
-
Bachelor's degree and six years of experience or an equivalent combination of education and work experience.
-
Banking or financial services experience.
-
Certification Strongly Preferred: ServiceNow's Certified System Administrator (CSA)
-
Knowledge of and experience with the following technology systems and platforms is preferred:
-
Microsoft Active Directory Domain Services
-
Microsoft Active Directory Federation Services (ADFS)
-
Microsoft Active Directory Certificate Services
-
Microsoft DHCP
-
Microsoft DNS
-
Microsoft Distributed File System (DFS)
-
Microsoft Key Management Services (KMS)
-
Microsoft Identity Manager (MIM)
-
Microsoft Remote Desktop Licensing (RDL)
-
Quest product suite
-
Hewlett Packard Enterprise physical servers
-
Dell physical servers
-
Windows Server operating systems (Windows Server 2025 through Windows Server 2012 R2)
-
PowerShell scripting knowledge and ability to write customized scripts is preferred.
-
Knowledge of networking and firewall rulesets is preferred