As a leading regional bank, SouthState has been providing financial solutions to individuals, families, and businesses in the Southeast for more than 100 years. SouthState team members strive to create remarkable experiences while building meaningful and lasting relationships. We are proud to be a reflection of the communities we serve, and our team members share core values that make SouthState a great place to bank, and a great place to work.

SUMMARY/OBJECTIVES

The Cybersecurity Engineer (CSE) performs two core functions for the enterprise. The first is the day-to-day operations of the in-place security solutions while the second is the identification, investigation, and resolution of security related events detected by those systems. A cybersecurity engineer is expected to have a clear understanding of security best practice and understanding of the impacts of controls and the tuning thereof.

The CSE I performs day-to-day operational tasks to ensure the efficient operation of cybersecurity controls and platforms. This generally takes the form of response to tickets that are generated either from the system itself or as part of the Cybersecurity Operations ticket queue.

ESSENTIAL FUNCTIONS

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Ensures compliance with all bank policies and procedures as well as state, federal, and regulatory requirements.
• Be fully aware of the enterprise's security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals.

System Monitoring & Threat Management

• Review logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.) and interpret the implications of that activity to provide feedback to leadership.
• Participate in investigations into anomalous activity.
• Serves as a first responder and assists with initial investigations for potential security events or control impacts.

Operational Management

• Maintain operational configurations of all in-place security solutions as per the established baselines and security best practice.
• Participate in the design and execution of vulnerability assessments, penetration tests and security audits.
• Provide on-call support for end users and all in-place security solutions.
• Monitor all in-place security solutions for efficient and appropriate operations.

Acquisition & Deployment

• Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
• Recommend and implement additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
• Research, evaluate, and stays current on emerging tools, techniques, and technologies.
• Participate in projects or department initiatives.
• Assists in the development and implementation of internal security projects.
• Perform daily management of assigned security solutions.

Incident Response

• Serve as a member of the incident response team as needed for response to cybersecurity incidents.
• Participate in incident response planning and testing exercises.

OTHER DUTIES

• Accepts other duties as assigned.

COMPETENCIES

• Proven analytical and problem-solving abilities.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Good written, oral, and interpersonal communication skills.
• Ability to conduct research into security issues and products as required.
• Ability to present ideas in business-friendly and user-friendly language.
• Highly self-motivated and directed.
• Keen attention to detail.
• Team-oriented and skilled in working within a collaborative environment.

QUALIFICATIONS AND EDUCATION REQUIREMENTS

• Education: Associate Degree (or equivalent work experience) from a regionally accredited institution in Information Security, computer science, mathematics, engineering or a closely related field.
• Experience:
  • Two (2) or more years of direct Cybersecurity experience preferably as a cybersecurity engineer or similar role maintaining cybersecurity safeguards at a financial institution.
  • Direct experience maintaining and operating current security platforms is preferred.
• Certifications/Specific Knowledge:
  • One or more of the following (or similar) certifications preferred:
    • Global Information Assurance Certification (GIAC) Certifications (e.g., GIAC Security Essentials (GSEC), GIAC Certified Incident Handler (GCIH), GIAC Continuous Monitoring Certification (GMON), GIAC Certified Intrusion Analyst (GCIA), GIAC Security Operations Certified (GSOC), GIAC Certified Enterprise Defender (GCED), GIAC Certified Detection Analyst (GCDA))
    • CompTIA Certifications (e.g., Security , CySA )
  • A strong security mindset, understanding of financial sector regulatory requirements and security best practice.

TRAINING REQUIREMENTS/CLASSES

• Required Annual Compliance Training
• New Employee Orientation

PHYSICAL DEMANDS

Must be able to effectively access and interpret information on computer screens, documents, reports, and cash denominations, and identify customers. This position requires a large amount of time in front of a computer. This can be done sitting or standing with use of the right desk.

WORK ENVIRONMENT

Telecommuting roles no matter if hybrid or 100% full time telecommuting must have a secure home office environment that is free from background noise and distractions. They must also have a reliable private internet connection that is not supplied by use of cellular data (hot spot). Cable or fiber connections are preferred. Requirements are subject to change, as new systems and technology is delivered. Travel may be required to come to meetings as needed.

The information below is to be updated by the HRBP and HR Compensation team only.