The Financial Services Information Sharing and Analysis Center (FS-ISAC) was created by and for members and operates as a member-owned 501(c)(6) not-for-profit entity. FS-ISAC serves as a bi-directional information and intelligence organization, leading the financial services sector's efforts to protect against and, as needed, mitigate cyber and physical threats and incidents against financial firms.
The System Security Engineer is directly responsible for the deployment, operations and maintenance of security tools and capabilities in on-premises and AWS cloud environments. This position is a hands-on, operational engineering role with a programmatic element to help shape the security controls, technologies and architecture. This role covers corporate and member-facing security technologies.
- Responsible for assisting the CISO with building security operations, administration of logical and physical access, monitoring of threats against the organization and membership, vulnerability management, intrusion detection/prevention, malware detection/prevention/analysis, data loss prevention, forensics, incident response, key management, and event logging/correlation.
- Design, deploy, operate and maintain security tools and capabilities in enterprise on-premises and cloud environments including: Vulnerability Management Agent, Endpoint Protection, anti-phishing/spam, CASB, CDNs and WAFs, IDS/IPS, and others.
- Select, implement and oversee the implementation of security controls, templates and policies to comply with FedRAMP security requirements.
- As appropriate, serve as project manager/lead within IT security project deployments, gather technical requirements, develop project scoping documents, prepare deployment schedules and assess resource requirements and constraints.
- Assist with development of information security processes and procedures in support of the information security office.
- Provide input to the security and technology roadmaps
- As part of the team, liaise with business stakeholders and technologists to understand integration requirements with external systems, networks, and organizations.
- Assess system designs to validate them against expected technical parameters.
- Identify, analyze, define, and coordinate user, customer, and stakeholder needs and translate them into hardware and software requirements.
- Identify technical risks and develop mitigation strategies.
- Perform day-to-day management of security tools and capabilities to include system updates, configuration updates and enhancements to existing and new security tools and capabilities.
- Support and manage installing, configuring, monitoring, and troubleshooting network security solutions and related monitoring tools including L2/L3 network security devices, IDS/IPS, Full packet capture, DLP, Endpoint (AV, DLP, Endpoint Detection & Response), and infrastructure supporting log management based on industry best practices, and technical requirements.
- Design, configure and maintain native and integrated AWS security services including but not limited to CloudTrail, GuardDuty, SSM, Redlock
- Manage outsource providers in a MSSP relationship (Vendor Management) to include contract management, SLA management, event resolution, escalations, etc.
- Investigate and resolve security incidents.
- Plan and carry out projects for routine application or hardware upgrades.
- Implement automation for health and status monitoring of security tools.
- Collect measurements, analyze data and provide metrics to report on compliance, security posture and health of security tools.
- High level of proficiency and hands-on experience with at least 50% of the tools mentioned
- Experience defining, implementing and verifying technical security controls
- Working knowledge/experience in developing cloud security capabilities
- Strong understanding of and experience with Cloud Security tools such as SSM, GuardDuty, Redlock, etc.
- 5+ years of use of endpoint solutions, firewalls, IDS/IPS and CISecurity baselines.
- Experience with Active Directory, Active Directory Federation Services (ADFS), SAML, web Single Sign-on (SSO), OAuth and related authentication technologies a plus.
- Knowledge of Transport Layer Security / SSL principles and management
- Strong communication skills
- Ability to work independently with minimal direction as part of a lean team
- Demonstrated teamwork and dependability.
- Global work experience & Multi-cultural knowledge a plus
- Fundamental belief that security is a business enablement function
Education and Experience
- 5+ years of system security engineering required
- 2+ years of cloud security experience
- BS in Computer Science or a related field desired
- Security+, CASP, CISSP, or other IT Security certification desired
This position is located in Reston, VA. Regardless of work location, the position requires a professional work environment and the candidate must be able to meet the physical demands associated with the professional environment. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
FS-ISAC has reviewed this position description to ensure that essential functions and basic duties have been included. It is not intended to be construed as an exhaustive list of all functions, responsibilities, skills and abilities. Additional functions and requirements may be assigned by supervisors as deemed appropriate.