Senior Security Engineer
The Senior Security Engineer works under minimal supervision and will perform information security tasks commensurate with their experience that ensure applications and projects meet defined quality standards.
Essential Job Functions :
- Apply established and ad hoc processes and techniques to identify, validate, prioritize, and track security risks.
- Identify uncontrolled risks and recommend control improvements.
- Proactively identify security requirement deficiencies.
- Engage business and technology personnel to elicit security requirements.
- Architect and design security control systems to address requirements.
- Operate and monitor established security controls.
- Identify control deficiencies and make appropriate recommendations.
- Ensure that controls are operating effectively; resolve operating discrepancies.
- Review, triage, and prioritize control output.
- Take appropriate action to resolve security discrepancies.
- Identify, evaluate, and recommend new security technologies, techniques, and tools.
- Define, review, and promote information security policies, standards, guidelines, and procedures.
- As compliance subject matter expert, enforce and monitor compliance with internal and external regulations, policies, and standards.
- Establish and promote strategies to ensure that compliance is effectively monitored and enforced.
- Lead / Co-lead internal process improvement initiatives. Provide feedback on processes by offering suggestions.
- Mentor and supervise junior staff in project-level tasks.
- Assist with adherence to technology policies and comply with all security controls.
- Ensure all work products meet / exceed FINRA standards.
Education / Experience Requirements :
Bachelor’s degree in Computer Science, Information Systems or related discipline with at least five (5) years of related experience, or equivalent training and / or work experience.Experience must include direct experience in several of the key areas listed : securing networks and systems architecture, design and implementation, secure software assurance, intrusion detection, defense and incident response, security configuration management, access controls design and implementation and security policy and standards development.In-depth knowledge of one or more communications protocols.Experience with more than one Cyber Security tools, including : Configuration Assessment, Log Aggregation, Integrity Verification, Web Application Security Testing, Network Access Control System, Network Intrusion prevention systems, and Endpoint Security Solutions.Strong written and verbal technical communication skills.Demonstrated ability to develop effective working relationships that improved the quality of work products.Should be well organized, thorough, and able to handle competing priorities.Ability to maintain focus and develop proficiency in new skills rapidly.Ability to work in a fast-paced environment.In-depth knowledge of more than one Information Security principle and discipline.Work Conditions :
Work is normally performed in an office environment.Occasional travel and extended hours may be required.To be considered for this position, please submit an application. Applications are accepted on an ongoing basis.
FINRA is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to age, citizenship status, color, disability, marital status, national origin, race, religion, sex, sexual orientation, gender identity, veteran status or any other classification protected by federal state or local laws as appropriate, or upon the protected status of the person’s relatives, friends or associates.
J-18808-Ljbffr