American Savings Bank

Receive alerts when this company posts new jobs.

Similar Jobs

Job Details

Information Security Operations Engineer

at American Savings Bank

Posted: 10/4/2019
Job Reference #: 5000512196006

Job Description

Job Description

Supports the bank's information security program through detection and analysis of all technology-related security events. Works across the enterprise to ensure the safeguarding of all protected information assets and data. Maintains subject matter expert level knowledge of security tools and techniques, incident response, containment, and recovery.

  • Responsible for escalation support, security tickets, and security incident response.

  • Services as project manager for key security initiatives.

  • Performs incident monitoring and reporting that includes analysis and correlation of information or data for the purpose of identifying intrusion attempts, vulnerabilities, and/or compromises to Bank systems.

  • Ensures technical enforcement of internal security policies to maintain the integrity of the networks, systems and applications utilized throughout the organization, including functionality of user access controls.

  • Serves as an information security expert. Maintains current knowledge of evolving information security risks, particularly cyber security, new and evolving trends with mitigation tools and changes to security regulations affecting financial institutions.

  • Performs security event monitoring and correlation using the SIEM, data loss prevention, and other tools to detect and respond to security events.

  • Develops and implements threat mitigation strategies. Performs event reporting and trending analysis.
  • Ensures work performed is compliant with all banking laws and regulations relevant to data security.

Qualifications

Education Requirements:

  • High school or equivalent
Experience Required:
  • 5 years experience Information Security and/or Security Operations experience. Prior experience within a financial services organization is a plus
  • 3 years working knowledge of security technologies including but not limited to firewalls, SIEM, web proxies, DLP, encryption, IDS/IPS and the ability to apply security principles based on best practices and industry standards.
Required Skills or Training
  • Hands-on experience with security architecture, technologies, and solutions.

  • Experience detecting, analyzing, and responding security events.

  • Able to apply security principles and oversight based on best practices and industry standards.

  • Excellent verbal, written and interpersonal communication skills. Able to work collaboratively across the organization.

  • Excellent organizational skills with strong attention to detail.

  • Demonstrated experience in network and system administration, programming, systems development, Security Operations Center (SOC), and/or incident response.

  • Demonstrated proficiency in a broad range of operating systems, platforms, client/server and web applications, and security services such as authentication and encryption technologies; Possesses knowledge of TCP/IP protocols, OSI model and associated vulnerabilities.

  • Possesses solid understanding of Federal and state laws/regulations relating to information safeguards and controls, including laws such as National Institute of Standards & Technology (NIST). Knowledge of the Federal Financial Institutions Examination Council (FFIEC) and section 501(b) of the Gramm-Leach-Bliley Act is a plus.

  • Demonstrates in-depth analytical skills, including the ability to consolidate broad data sets from multiple sources, both internal and external, to identify patterns and/or risk factors.

  • Must be self-motivated with a strong willingness to learn in a hands-on learning environment. Critical thinker with the ability to research, develop and communicate solutions to detect security incidents in a timely manner.