Vacancy expired!
BE PART OF A BANK LIKE NO OTHER.
When you work with the world's most innovative companies, you know you're making a difference.Our clients are the game changers, leaders and investors who fuel the global innovation economy. They're the businesses behind the next medical breakthroughs. And the visionaries whose new technologies could transform the way people live and work.They come to SVB for our expertise, deep network and nearly forty years of experience in the industries we serve, and to partner with diverse teams of passionate, enterprising SVBers, dedicated to an inclusive approach to helping them grow and succeed at every stage of their business.Join us at SVB and be part of bringing our clients' world-changing ideas to life. At SVB, we have the opportunity to grow and collectively make an impact by supporting the innovative clients and communities SVB serves. We pride ourselves in having both a diverse client roster and an equally diverse and inclusive organization. And we work diligently to encourage all with different ways of thinking, different ways of working, and especially those traditionally underrepresented in technology and financial services, to apply.Job DescriptionThe Sr. Cyber Security Engineer provides cyber security advisory services to business units at SVB and supports IT initiatives as well as business projectsbyrecognizing security risks and implementing security controls in adherence to SVB security policies and standards.The engineer will work with, and under the direction of Cyber Security Architects to engage SVB IT teams to integrate new and better manage existing security solutions. The engineer will work on large and complex projects to ensure the safety and compliance of SVB assets, as well as vulnerabilities, risk management and adherence of security policy and standards. Essential Functions:- Analyze and approve security requests escalated from Tier 1
- Attend project meetings and recommend cyber security requirements
- Analyze SVB projects, recommend, implement, and validate security controls
- Attend architecture review meetings to identify and recommend security controls
- Executes tasks under the direction of cyber security architects
- Updates and improves security policies and standards
- Deep understanding of security architectures, defense in depth, cloud and on-prem security models and concepts
- Experience and working knowledge of network architecture, subnetting, and TCP/IP protocols, and OSI model layers and protocols at each model layer
- Understanding of international and United States laws and regulations impacting cyber security and personal data privacy, including GLBA, SOX, and the FFIEC Information Security requirements
- Working knowledge of security frameworks and control references such as NIST CSF, CIS 20, COBIT, PCI DSS, OWASP, ISO 27000 family and NIST SP 800 series
- Familiar with various security architectures and methodologies (Defense in Depth, Kill-Chain, NIST, Critical Controls, OWASP, etc.)
- Excellent analytical and problem-solving skills
- Ability to demonstrate empathy while seeking common interests, effective problem solving and conflict resolution skills
- Scripting skills (Shell, Python, Java, PHP, PowerShell, etc.) preferred but not required
- Familiar with government security standards and regulations including GLBA, SOX, PCI, COBIT, ITIL
- Excellent written and verbal communication skills
- Bachelor's degree in management Information Systems, Computer Science, and/or Business, or equivalent work experience
- 5+ years working in IT security domain
- Experience implementing, supporting and/or defining requirements for security tools such as WAF, IPS/IDS, CASB, DLP, EDR (Crowdstrike), and SIEM (Splunk)
- Experience implementing and/or supporting email protection tools, phishing campaigns, as well as good understanding of DMARC, DKIM and SPF
- Experience with public cloud services, technologies, and security tools such as AWS and Azure
- Experience working with Windows and Linux operating systems
- Experience doing vulnerability assessments, risk assessments and/or penetration testing
- One or more of the following professional certifications: CISSP, CISM, SANS GIAC, CISA, Security+, AWS Solutions Architect, AWS Security Specialist (or willingness to obtain within 6 months)
- Strong demonstrated knowledge of networking and TCP/IP protocol or networking certification (CCNA)