Senior Security Engineer bei Five Star Bank
Five Star Bank · Rochester, Vereinigte Staaten Von Amerika · Onsite
- Senior
- Optionales Büro in Rochester
Purpose: The Senior Security Engineer is a strategic and hands-on role responsible for safeguarding the digital assets, infrastructure, and sensitive data of the financial institution. This individual will design, implement, and manage advanced security technologies to protect the bank’s information assets, infrastructure, and systems. This role will lead efforts to strengthen the bank’s cybersecurity posture, ensure regulatory compliance, and proactively defend against a variety of threats in a highly regulated environment. The Senior Security Engineer will collaborate across departments, lead security initiatives and programs, lead incident response investigation efforts, and act as a subject matter expert for corporate initiatives on behalf of the Information Security team.
Essential Functions:
- Design, implement, and maintain security architectures for networks, applications, and cloud environments.
- Monitor, analyze, and respond to security events and incidents using SIEM and security operations tools.
- Lead investigations of security alerts, events, and incidents including root cause analysis and remediation plan development.
- Collaborate effectively with cross-functional teams, including managed service providers and IT to improve detection, response, and resilience.
- Conduct regular security assessments, tests, and risk analyses to identify and remediate potential security weaknesses.
- Lead and participate in the development and enforcement of security policies and procedures in accordance with banking regulations (NYDFS, FFIEC, GLBA, SEC, etc.).
- Support audits, regulatory examinations, and risk assessments.
- Collaborate with IT, enterprise risk management, compliance, internal audit, and business units to align security practices with organizational goals.
- Evaluate emerging security technologies and recommend solutions and vendors aligned with the bank’s strategy.
- Oversee third-party risk management and ensure vendor security posture meets bank standards.
- Maintain up-to-date knowledge of the ever-evolving threat landscape, industry trends, and regulatory changes affecting financial institutions.
- Document and report on security metrics, incidents, and compliance initiatives for senior management.
- Mentor junior engineers and analysts in security best practices.
- Demonstrate the standards and principles of the Five Star Bank experience in every interaction with internal and external customers, associates, and stakeholders. Incorporate the high-performance behaviors of teamwork, leading by example, and service in every facet of work.
Job Related Qualifications:
Required:
- Education: Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience).
- Prior Experience: 5+ years of experience in information security, with at least 2 years in engineering roles. Financial services or banking environment preferred.
- Licenses or Accreditation: Professional certifications preferred (CISSP, CISM, GIAC, CEH, CCSP, or equivalent)
Competencies:
- Expertise in security technologies such as SIEM (Microsoft Sentinel, Splunk), firewalls (Check Point, Palo Alto, Cisco), IDS/IPS, EDR (Microsoft Defender, CrowdStrike), data security (Varonis), email security (Microsoft, Proofpoint), and vulnerability management (MDVM, Qualys, Tenable).
- Hands-on experience with Microsoft 365 security, Active Directory, Entra, and cloud platforms (Azure, AWS).
- Knowledge of encryption, PKI, secure networking, and identity/access management.
- Familiarity with frameworks and regulations: NIST CSF, NIST 800-53, ISO 27001, CIS Controls, FFIEC, NYDFS Cybersecurity Regulation (23 NYCRR 500)
- Ability to respond to emergencies after hours as needed.
- Strong analytical and problem-solving skills.
- Proven ability to produce comprehensive documentation.
- Ability to communicate complex technical concepts to technical and non-technical stakeholders.
- Excellent organizational skills and attention to detail.
- Ability to work independently and collaboratively in a fast-paced, regulated environment.
Physical Requirements:
- Able to travel occasionally
- Extensive computer usage is required.
- Ability to work evenings and weekends occasionally in support of on-call duties
Benefits:
- Medical, Dental, and Vision Insurance
- Health Savings Account
- Flexible Spending Account(s)
- Company Paid Life Insurance, Long-Term Disability, and Short-Term Disability
- Voluntary Offerings: Life, Critical Illness/Specified Disease, Accident, Hospital Indemnity & Personal Accident
- Tuition Reimbursement
- Employee Referral Program
- Wellness Reimbursement Program
- Star Volunteer Program
- Employee Banking and Financial Perks
- Flexible Hybrid Work Schedule
- Paid Time Off (PTO)
- Company Paid Holidays
This job description is not exhaustive. The Senior Security Engineer may be required to perform other duties as assigned.
The expected rate of pay for this position is shown above. Compensation offers are based on a wide range of factors including relevant skills, training, experience, education and, where applicable, licenses or certifications obtained. Market and organizational factors are also considered. In addition to your base rate of pay and a competitive benefits package, successful candidates may be eligible to receive cash or equity-based incentives based on the role and performance.