BACKGROUND

The Financial Services Information Sharing and Analysis Center (FS-ISAC) was created by and for members and operates as a member-driven non-profit entity. FS-ISAC provides vital information to the financial services sector to assist financial firms in protecting their critical infrastructure assets and confidential information.

POSITION SUMMARY

The System Security Engineer is directly responsible for the deployment, operations and maintenance of security tools and capabilities in on premise and AWS cloud environments. This position is a hands-on, operational engineering role with a programmatic element to help shape the security controls, technologies and architecture. This role covers both corporate and member facing security technologies.

ESSENTIAL FUNCTIONS

• Responsible for assisting the CISO with building a thoughtful, purposeful, risk-based security program.
• Identify technical risks, develop mitigation strategies, & contribute to risk register as necessary.
• Deploy & maintain measurable cloud security controls, focused on system and network security.
• Deploy & maintain measurable SDLC and CI/CD security controls, focused on application and code security.
• Remediate security issues through both hands-on configuration and establishment of security policies and templates.
• Work with security and technology teams as well as MSP/MSSP to monitor threats against the organization and membership, vulnerability management, intrusion detection/prevention, malware detection/prevention/analysis, data loss prevention, forensics, incident response, key management, and event logging/correlation.
• As appropriate, serve as project manager/lead within security project deployments; gather technical requirements, develop scoping documents, prepare deployment schedules and assess resource requirements and constraints.
• Participate in cloud architecture and system designs; provide security considerations and guardrails.
• Provide input to the security and technology roadmaps.
• Design, configure and maintain native and integrated AWS security services including but not limited to CloudTrail, GuardDuty, SecurityHub, Config, etc.
• Perform data to day management of security tools and capabilities to include system updates, configuration updates and enhancements to existing and new secure tools and capabilities
• As part of the team, liaison with business stakeholders and technologists to understand integration requirements with external systems, networks, and organizations.
• Manage outsourced providers in a MSSP relationship (Vendor Management) to include contract management, SLA management, event resolution, escalations, etc.
• Investigate and resolve security incidents.
• Implement automation for health and status monitoring of security tools.

POSITION QUALIFICATIONS

• High level of proficiency and hands on experience with at least 50% of the tools/capabilities mentioned.
• Experience defining, implementing, and verifying technical security controls.
• Working knowledge of common AWS services; AWS IAM, EC2, RDS
• Experience with AWS security tools such as AWS GuardDuty, SecurityHub, CloudTrail etc.
• Experience deploying and maintaining AppSec tools, such as static and dynamic scanners.
• Experience with authentication, authorization, and SSO technologies, such as SAML, OIDC, and OAuth
• Strong understanding of IAAC, CI/CD tools and security best practices; such as Terraform, GitHub Actions, Ansible, CloudFormation, etc.
• Knowledge of encryption, key management, and data retention best practices
• Ability to automate tasks in at least one scripting language (Python preferred)
• Strong communication skills
• Ability to work independently with minimal direction as part of a lean team
• Demonstrated teamwork and dependability.
• Global work experience & multi-cultural knowledge a plus
• Fundamental belief that security is a business enablement function

EDUCATION AND EXPERIENCE

• 5 years of security engineering experience required
• 2 years of cloud security experience desired
• 1 years of application security or DevSecOps experience desired
• BS in Computer Science or a related field desired
• ISC2, GIAC, AWS or other security certification desired

WORK ENVIRONMENT

This position can be remote or based out of our Reston Headquarters with a hybrid office/work from home schedule. Regardless of work location, the position requires a professional work environment and candidate must be able to meet the physical demands associated with the professional environment. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

FS-ISAC has reviewed this position description to ensure that essential functions and basic duties have been included. It is not intended to be construed as an exhaustive list of all functions, responsibilities, skills and abilities. Additional functions and requirements may be assigned by supervisors as deemed appropriate.

All employees must be authorized to work in the United States. FS-ISAC provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, FS-ISAC complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.