Senior Security Engineer - Network Defense

If you are motivated and believe in the credit union philosophy of "People Helping People," join our team!

Purpose:

The Senior Security Engineer uses their industry experience and technical knowledge across a broad portfolio of Network, Security, Virtualization and Cloud technologies to ensure operational and project-based activities related to Containment Cyber Services are planned, approved, and performed in a timely manner with minimal application impact. This hands-on position requires strong collaboration skills to work with other infrastructure experts and software developers to deliver infrastructure and software features which improve SECU’s security posture and responsiveness across the entire range of infrastructure.  The ideal candidate will have the ability to identify, document, recommend and lead projects to achieve this end state globally.  Knowledge of Security methodologies and TCP/IP will be very advantageous for this role.

Responsibilities: 

• Rapidly understand SECU Cloud and Data Center environments, becoming an expert in the implementation of security features within the infrastructure environments.
• Evaluate security related features within vendor infrastructure offerings and new security tools which improve SECU’s security responsiveness.
• Represent Containment related infrastructure changes accurately within the SECU Change Management process.
• Deliver thoroughly planned and executed changes within the environment without application impact.
• Coordinate with software developers to ensure Containment security capabilities are verified, regardless of environment.
• Champion all efforts collaboratively.
• Continuously identify, review, and recommend potential opportunities for enterprise cost-savings, service quality improvement, and operational efficiency.
• Manage security product life cycle from Network Defense roadmap to Annual Vendor Reviews.
• Assist with driving milestone planning, deployment coordination, change management, documentation, and user training of new and existing technologies.
• Ability to work and collaborate with teams outside of Security division.
• Create documentation to ensure appropriate operational process and procedures are followed in the event of business impacting incidents or issues.
• Ability to identify and fully automate processes, when possible
• Serve as a Security Engineering subject matter expert that can lead projects and initiatives. 
• Serve as a tier III resource for security related issues or outages.
• Needs minimal to zero supervision to complete tasks and projects.
• Provide support for security related issues on 24 hours a day, seven days a week, 365 days a year basis

Business Experience and Technical Skills:
 

Required:

• Thorough understanding of TCP/IP
• Excellent analytical, problem-solving, and written/oral communication skills
• Leadership, teamwork, collaboration, self-driven and effective communication skills - both written and verbal.
• 3-5+ years of IT Security Engineering experience working in an enterprise infrastructure or security architecture environment.  Preferred experience within the network security environment.
• 3-5+ years of experience in one or more of the following security technologies:
  • Network IDS/IPS
  • VPN/ Remote Access
  • NGFW
  • WAF
  • DDoS Protection
  • Web Proxy/ Content Filtering
  • Cloud Security Controls
• 3-5+ years of troubleshooting and investigating complex issues within a highly regulated and secure environment.  Experience working with change management controls is required.
• 3-5+ years of experience working with applications enabled in the cloud and network.
• Working knowledge of various industry security standards and frameworks including: NIST, ISO 27001, ISF Standard of Good Practice (SoGP), etc.

Preferred:

• One or more Industry Certifications:  VCP, CCIE/CCNP, CISSP, PCNSE, etc.
• Bachelor’s degree in Computer Science, Information Systems or at least 5yrs of experience in related field.
• Knowledge of modern enterprise and security architectures, their challenges, common approaches to overcome their challenges, and their inherent security strengths and weaknesses.
• Professional certifications such as: CISSP, CISA, CISM, GIAC, CGEIT, CRISC, CEH, or other relevant industry certification and/or desire to obtain such certifications.
• Experience working with tools such as Wireshark, Snort, Bro/Zeek, Burp, Nessus, Kali, Security Onion, and Metasploit.
• Experience working with both external and internal auditors to ensure compliance and accurate reporting.
• Experience with scripting languages such as Powershell, Python, VBScript, and Bash.
• Experience working within a DevOps environment is a plus.

Job Environment:

• Working on-site is required with limited remote work.
• Office setting with physical proximity to other employees is also intermittently required.
• Some background noise from other employees and their activities can be expected.

Physical Demands:

• Must be able to comprehend and carry out verbal and written instructions.
• Job requires a substantial amount of sitting.
• Use hands and fingers to press keys on a computer keyboard to enter or retrieve information.
• Use hands and fingers to press telephone keypad and lift telephone receiver.
• Must be able to comprehend phone calls.
• Must be able to lift 5 pounds.

SECU provides equal employment opportunity to all qualified persons regardless of race, color, religion, age, sex, sexual orientation, gender identity, national origin, genetic information, disability, veteran status, or other classification protected by law.

Disclaimer

State Employees' Credit Union reserves the right to fill this role at a higher/lower level based on business need.