Cybersecurity Engineer I (Remote)

The SouthState story is one of steady growth, deep community roots, and an unwavering commitment to helping our customers move forward. Since our beginnings in the 1930s to becoming a trusted financial partner across the South and beyond - we are known for combining personal relationships with forward-thinking solutions.

We are committed to helping our team members find their success while maintaining the integrity of our values: building trust, fostering lasting relationships and pursuing excellence. At SouthState, individual contributions are recognized, potential is cultivated and team members are inspired to achieve their greater purpose. Your future begins here!

SUMMARY/OBJECTIVES

The Cybersecurity Engineer (CSE) performs two core functions for the enterprise. The first is the day-to-day operations of the in-place security solutions while the second is the identification, investigation, and resolution of security related events detected by those systems. A Cybersecurity Engineer is expected to have a clear understanding of security best practice and understanding of the impacts of controls and the tuning thereof.

The CSE I performs day-to-day operational tasks to ensure the efficient operation of cybersecurity controls and platforms. This generally takes the form of response to tickets that are generated either from the system itself or as part of the Cybersecurity Operations ticket queue. The CSE I position requires initiative, accountability and ownership of tasks presented, leveraging knowledge and utilizing technical resources and other team members to drive success.

ESSENTIAL FUNCTIONS

• Ensures compliance with all bank policies and procedures as well as state, federal, and regulatory requirements.

• Be fully aware of the enterprise’s security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals.

System Monitoring & Threat Management

• Review logs and reports of all in-place devices, whether they be under direct control (i.e. security tools) or not (i.e. workstations, servers, network devices, etc.) and interpret the implications of that activity to provide feedback to leadership.

• Participate in investigations into anomalous activity.

• Serve as a first responder and assist with initial investigations for potential security events or control impacts.

• Assist in the ticket queue rotation to ensure efficient handling of requests.

• Participate in the cybersecurity on-call rotation.

Operational Management

• Maintain operational configurations of all in-place security solutions as per the established baselines and security best practice.

• Participate in the design and execution of vulnerability assessments, penetration tests and security audits.

• Provide on-call support for end users and all in-place security solutions.

• Monitor all in-place security solutions for efficient and appropriate operations.

Acquisition & Deployment

• Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.

• Recommend and implement additional security solutions or enhancements to existing security solutions to improve overall enterprise security.

• Research, evaluate, and stay current on emerging tools, techniques, and technologies.

• Participate in projects or department initiatives.

• Assist in the development and implementation of internal security projects.

• Perform daily management of assigned security solutions.

Incident Response

• Serve as a member of the incident response team as needed for response to cybersecurity incidents.

• Participate in incident response planning and testing exercises.

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

COMPETENCIES

• Proven analytical and problem-solving abilities.

• Ability to effectively prioritize and execute tasks in a high-pressure environment.

• Good written, oral, and interpersonal communication skills.

• Ability to conduct research into security issues and products as required.

• Ability to present ideas in business-friendly and user-friendly language.

• Highly self-motivated and directed.

Keen attention to detail.

• Team-oriented and skilled in working within a collaborative environment.

QUALIFICATIONS AND EDUCATION REQUIREMENTS

• Education: Associate Degree (or equivalent work experience) from a regionally accredited institution in Information Security, computer science, mathematics, engineering, or a closely related field.

• Experience:

  • Two (2) or more years of direct Cybersecurity experience preferably as a cybersecurity engineer or similar role maintaining cybersecurity safeguards at a financial institution.

  • Direct experience maintaining and operating current security platforms is preferred.

• Certifications/Specific Knowledge:

  • One or more of the following (or similar) certifications preferred:

    • Global Information Assurance Certification (GIAC) Certifications (e.g., GIAC Security Essentials (GSEC), GIAC Certified Incident Handler (GCIH), GIAC Continuous Monitoring Certification (GMON), GIAC Certified Intrusion Analyst (GCIA), GIAC Security Operations Certified (GSOC), GIAC Certified Enterprise Defender (GCED), GIAC Certified Detection Analyst (GCDA))

    • CompTIA Certifications (e.g., Security+, CySA+)

  • A strong security mindset, understanding of financial sector regulatory requirements and security best practice.

  • Other certificates and professional credentials with cybersecurity relevance will be considered.

TRAINING REQUIREMENTS/CLASSES

• Annual Compliance Training

• New Employee Orientation

PHYSICAL DEMANDS

Must be able to effectively access and interpret information on computer screens, documents, reports, and cash denominations, and identify customers. This position requires a large amount of time in front of a computer. This can be done sitting or standing with use of the right desk

WORK ENVIRONMENT

Telecommuting roles, no matter if hybrid or 100% full time telecommuting, must have a secure home office environment that is free from background noise and distractions. They must also have a reliable private internet connection that is not supplied by use of cellular data (hot spot). Cable or fiber connections are preferred.  Requirements are subject to change, as new systems and technology are delivered.

TRAVEL

Travel may be required to come to meetings as needed.

In accordance with Colorado law: Colorado pay for this position is anticipated to be between $74,400.00 - $118,848.00 , actual offers to be determined based on applicant’s skills, experience and education.

While the anticipated deadline for the job posting is 08-14-2025, we encourage you to submit your application as we may still consider qualified candidates beyond this date.

Benefits | SouthState Careers