Vacancy expired!
BE PART OF A BANK LIKE NO OTHER.
When you work with the world's most innovative companies, you know you're making a difference.Our clients are the game changers, leaders and investors who fuel the global innovation economy. They're the businesses behind the next medical breakthroughs. And the visionaries whose new technologies could transform the way people live and work.They come to SVB for our expertise, deep network and nearly forty years of experience in the industries we serve, and to partner with diverse teams of passionate, enterprising SVBers, dedicated to an inclusive approach to helping them grow and succeed at every stage of their business.Join us at SVB and be part of bringing our clients' world-changing ideas to life. At SVB, we have the opportunity to grow and collectively make an impact by supporting the innovative clients and communities SVB serves. We pride ourselves in having both a diverse client roster and an equally diverse and inclusive organization. And we work diligently to encourage all with different ways of thinking, different ways of working, and especially those traditionally underrepresented in technology and financial services, to apply.Job Description: Sr Cyber Security Engineer Description Cyber security is an integral part of our SVB culture , and as a growing financial institution , it's vital that we all play our part in keeping customers' data secure. We're looking for a cyber professional inherently driven and fascinated by the art and science of cyber defense. We will arm you with the very best tools and tech so that you can deliver top notch results. This is a critical role within the Security Engineering organization. You will work closely under the Cyber Security Manager to support and maintain operational excellence, act as the lead for operational improvements, and help execute the strategic initiatives. As the Sr Cyber Security Engineer , you will provide cyber security advisory services to business units at SVB and supports IT initiatives as well as business byrecognizingsecurity risks and i mplementing security controls in adherence toSVB security policies and standards. You will workwith Security Operations , IT, and other internal teams t o integrate newand enhanced tools and solutions . The engineer will work on medium to large , complex projectstoensure the safety and compliance of SVB assets, as well as vulnerabilities, risk management and adherence of security policy and standards. Engineer will also help identify opportunities for operational excellence and design new solutions as needed. Responsibilities- Evaluate current IT/security architectures, infrastructure, end user computing to determine lifecycle stage, constraints, costs and future needs to support growth.
- Implement formal security governance process to set priorities, goals, efficiency and leverage of cyber resources. Ensure formal procedures and documentation are in place.
- Analyze and track development process, proactively monitor GSO security efforts and approach can go a long way in being prepared to handle open-source security risks.
- Stay up to date on new security tools & techniques in the information security space.
- Conduct proof of concept activities with key business users in support of advanced use cases.
- Be responsible for overall planning, direction and oversight of multiple projects, products, services or functions.
- Update, upgrade and remediate systems and applications as needed.
- Conduct in-depth technical reviews of enterprise systems in order to identify the appropriate mitigation strategies required to bring these systems into compliance with established policy and industry guidelines.
- Lead organizing and mentoring junior and intermediate level engineers .
- Oversee operations and drive maturity of delivery across the organization .
- Collaborate with the leadership team, and other key stakeholders (like Technology, Info Security, HR , Finance, Data Stewards etc.) to track, analyze and report our performance against established OKRs .
- Oversee operational adherence to control frameworks, drive response to audit requests .
- Identify alternative security strategies to address organizational security objectives .
- Solid infrastructure experience with both Windows and Linux OS's, AD, DNS and Virtualization.
- Experience and working knowledge of network architecture, subnetting, andTCP/IP protocols, and OSI model layers and protocols at each model layer
- Deep understanding ofsecurityarchitectures, defense in depth, cloud and on-prem security models and concepts
- Familiar with various security architectures and methodologies (Defense in Depth, Kill-Chain, NIST, Critical Controls, OWASP, etc.)
- Excellent analytical andproblem-solvingskills
- Ability to demonstrate empathy while seeking common, effective problem solving and conflict resolution skills
- Ability to work under pressure and with minimum supervision
- Scripting skills (Shell, Python, Java, PHP, PowerShell, etc.)preferred but not required
- Familiar with government security standards and regulations including GLBA, SOX, PCI, COBIT, ITIL
- Excellent written and verbal communication skills
- Ability to work in an ever-changing environment and shift priorities as required
- 5+years working in IT /Security
- Experience working with Auditors
- Experience designing, implementing, supporting and/or defining requirements forsecurity tools such as IPS/IDS, CASB , DLP , FIM , EDR ( Crowdstrike ), and SIEM (Splunk)
- Experience writing documentation such as policies, procedures and articles
- Experience working with clustering, HA and DR applications and infrastructure
- Experience implementing and/or supporting email protection tools, phishing campaigns, as well as D MARC , DKIM and SPF
- Experiencewith public cloud services, technologies, and security tools such as AWS and Azure
- Experience doing vulnerability assessments, risk assessments and/or penetration testing
- Experience with SIEM technologies
- Experience with cloud technologies
- Experience working with Windows and Linux operating systems
- Bachelor's degree in management Information Systems, Computer Science, and/or Business, or equivalent work experience
- 7 years of work experience with a bachelor's degree ; 5 years of work experience with an Advanced degree ( i.e Masters/MBA/JD/MD); or a minimum of 3 years of work experience with a PhD
- Minimum of 3 years of experience in architecting, designing, and/or developing and supporting large enterprise class applications with increasing responsibilities.
- Understanding ofinternational and United States laws and regulations impacting cyber security and personal data privacy, including GLBA, SOX,and the FFIEC Information Security requirements
- Working knowledge of security frameworks and control references such as NIST CSF,CIS 20,COBIT,PCI DSS,OWASP, ISO 27000 family and NIST SP 800 series.
- One or more of the following professional certifications: CISSP, CISM,SANS GIAC, CISA, Security+, AWS Solutions Architect, AWS Security Specialist(or willingness to obtain within 6 months)