Senior Information Security Platform Engineer - Remote

Make banking a Fifth Third better®

We connect great people to great opportunities. Are you ready to take the next step? Discover a career in banking at Fifth Third Bank.

GENERAL FUNCTION:

The Senior Information Security Engineer (ISE) will be responsible for defining, delivering and supporting the enterprise security tools and architecture developed in collaboration with the IT Engineering team. The Senior ISE will also participate in a diverse variety of IS projects and support the ongoing operations of the Information Security department. The Senior ISE is focused on securing the network through the operations of intrusion detection system/intrusion prevention system (IDS/IPS), data loss prevention (DLP), Proxy, enterprise anti-virus and anti-malware solutions, log management, and vulnerability scanning and remediation.

Responsible and accountable for risk by openly exchanging ideas and opinions, elevating concerns, and personally following policies and procedures as defined. Accountable for always doing the right thing for customers and colleagues, and ensures that actions and behaviors drive a positive customer experience. While operating within the Bank's risk appetite, achieves results by consistently identifying, assessing, managing, monitoring, and reporting risks of all types.

ESSENTIAL DUTIES & RESPONSIBILITIES:

• Mentor more junior members of the team.
• Contribute to and enhance the bank's network vulnerability management program.
• Define security requirements for the implementation of new applications and projects.
• Serve as a security engineer/consultant on projects.
• Participate in conducting security research on threats and remediation techniques/ technology, make recommendations to the IS/IT teams and oversee their implementation.
• Support the Bank's operational information security responsibilities, including the development maintenance of standards, procedures, and guidelines necessary to satisfy the Information Security department's network operations.
• Proactively monitor and investigate network security alerts from managed security service provider and in-house security tools.
• Assist in conducting risk assessments to evaluate the effectiveness of existing controls and determine the impact of proposed changes to business processes, applications and systems.
• Provide technical support to regulatory agencies, external auditors, and internal auditors, as required, to respond to audits and examinations of the Bank's control environment.
• Threat analysis / Incident Response: interpreting events and analyzing network traffic.
• Mitigating and addressing threat vectors including APT, DDoS, Phishing, Malicious Payload, Cloud, Mobile Devices.
• Vulnerability/penetration testing/remediation.
• Seeking and maintaining knowledge (cross/up skill) of current and upcoming IT security technologies.
• Awareness of latest and common security threats.
• Knowledge of virtualization technologies.

SUPERVISORY RESPONSIBILITIES: None.

MINIMUM KNOWLEDGE, SKILLS & ABILITIES REQUIRED:

• Bachelor's degree in Computer Science/Information Systems or equivalent combination of education and experience. Master's degree a plus.
• Industry Standard Certifications such as, but not limited to: CompTIA A+, CompTIA Network +, CompTIA Security +, ISC2 CISSP, and EWS preferred.
• Must be able to communicate ideas both verbally and in writing to management, business and IT sponsors, and technical resources in language that is appropriate for each group.
• Four+ years of IT work experience relevant to the position, including at least two+ years in a hands-on information security development role.
• Experience working with and supporting Unix/Linux and Windows systems.
• Solid conceptual understanding of distributed computing principles.
• Working knowledge of application and data security concepts, best practices, and common vulnerabilities.
• Previous experience working with offshore teams desired.
• Financial industry experience is a plus.
• Excellent ability to diagnose and troubleshoot accessibility issues.
• Understanding of networks and experience diagnosing network related issues
• Experience working with zero trust tools such as AppGate or zScaler ZPA preferred
• Knowledge of AWS and Terraform preferred
• Experience with AWS services like Amazon CloudFront, Amazon API Gateway, and Application Load Balancer preferred
• Proficiency in creating and managing WAF rules, including custom rules preferred
• Knowledge of common web vulnerabilities (e.g., OWASP Top 10) and how to mitigate them.
• Familiarity
• with AWS security services like AWS Shield and AWS Firewall Manager.
• Experience in implementing and configuring Akamai CDN solutions. ION, Cloudlets, Certificate Management, Caching preferred
• Experience in implementing and configuring Akamai security solutions, including WAF, DDoS protection, and Bot Management preferred

Senior Information Security Platform Engineer - Remote

Total Base Pay Range 69,500.00 - 132,300.00 USD Annual

LOCATION -- Virtual, Ohio 00000

Fifth Third Bank, National Association is proud to have an engaged and inclusive culture and to promote and ensure equal employment opportunity in all employment decisions regardless of race, color, gender, national origin, religion, age, disability, sexual orientation, gender identity, military status, veteran status or any other legally protected status.