Full Stack Security Engineer (West Lebanon)

Compensation

: $102,625.00 - $147,380.00 /year *

Employment Type

: Full-Time

Industry

: Information Technology



Loading some great jobs for you...





Description

We are looking for an engineer who brings fresh ideas from all areas including distributed computing at scale, data retrieval and persistence, UI design, mobile, security, artificial intelligence, machine learning, natural language processing, and so on. We need our security engineer to be versatile, data-driven, displaying leadership qualities and being enthusiastic to tackle problems across the full-stack as we continue to push boundaries and advance our platforms.This role is responsible for full stack security engineering activities and helping ensure that security is built into the organizations core consumer applications and platforms throughout the application and capability lifecycle.This role supports critical security activities between our security division and core business delivery teams; and will participate in agile/DevOps project work streams as a security SME representing and engineering security solutions.This role will also analyze, design, propose and help deliver modernized technology solutions that are appropriate for next generation banking applications.The Full Stack Security Engineer maintains current knowledge of modernized computing paradigms, automation/orchestration frameworks, virtualization platforms, security threats and recommends security enhancements and purchases that allow Citizens Bank to deliver the most secure and robust digital applications deployed within the organization and within the cloud.Primary responsibilities include:
  • Gaining a comprehensive understanding of the companys overall digital technology and information systems and capabilities.
  • Participating in Agile meetings and timely delivery of project-related artifacts.
  • Working on significant and unique security issues where analysis of situations or data requires an evaluation of intangibles. Candidate should exercise independent judgment in methods, techniques and evaluation criteria for obtaining risk reduction objectives.
  • Supporting delivery of secure, architecturally sound components, tools, and applications.
  • Infusing Quality of Service characteristics (scalability, manageability, maintainability, etc.) into distributed service-based framework to create or expand business or technical capabilities.
  • Supporting automated and security testing of distributed components and environments
  • Collaborating with peers and other technology teams to raise or exceed the bar in terms of building security natively into applications.
  • Remaining current with technological and security innovations to provide direction for operational efficiency and future products.
  • Deployment and security configuration of complex applications throughout the project and secure software development lifecycle. Project delivery work may include delivery of AWS solutions, CI/CD tool sets, automation/orchestration platforms, micro-services, cryptographic safeguards, J2E platform software, and deployment of software artifacts, web server setup and configuration, coordination of network and database connectivity.
  • Securing integration of internally developed components (API's, web services, broker services, MQ and Data Power artifacts).
  • Remediation of vulnerabilities, close coordination with project testing teams for performance analysis, creation of documentation, and knowledge transfer to support staff.
  • Researching and evaluating proposed security and business solutions for adherence to documented company standards, policies and regulatory responsibilities.
  • Acting as a security SME with regards to strengths and weaknesses of the security capabilities systems and being able to recommend improvements to both software and hardware.
  • Assessing emerging security technologies against security architecture standards to determine where they fill gaps, overlap with existing solutions or extend capabilities.
  • While our preference would be to have a chosen candidate with onsite capabilities in our Nashville, TN offices we are open to remote employment within the United States for an experienced candidate.

    Qualifications

    Required Skills/Experience:
  • 8 or more years of systems/platform security engineering experience
  • 5 or more years of experience with Java, Go, Python, Ruby or other object oriented languages and software development environments
  • 3 or more years of experience in Continuous Integration, build management and automated deployments, TravisCI, Jenkins, or GitlabCI
  • End to end understanding of the secure software development lifecycle (SSDLC) and DevOps/DevSecOps process integration.
  • Knowledge of Integration Brokers like Zuul and Rabbit MQ is a strong plus, as is understanding of JIRA, Nexus, Subversion, Rapid Deploy and shell scripting.
  • Experience with Open Source Application stacks like Nginx and NodeJS.
  • Familiarity with security industry and regulatory standards (ISO 17799, ISO 27001/2, ISO 31000, NIST 800 series, PCI, SOX, GLBA. etc.)
  • Demonstrated experience with cloud-based solutions. This should include administration, architecture, and security of web services.
  • Candidate should have an understanding of APIs, methods of automated deployment, and API security management in a corporate setting.
  • Experience with internal controls, risk assessments, business process and internal IT control testing or operational auditing
  • Influencing experience at senior levels within an organization
  • Excellent verbal and written communication skills
  • Knowledge of ISO and NIST security standards preferred
  • Education, Certifications and/or Other Professional Credentials:
  • Bachelor's degree required ( Degree in Computer Science or Computer Engineering preferred)
  • CISSP or other relevant industry certifications (TOGAF, ITIL).
  • Hours & Work Schedule Hours per Week: 40Work Schedule: Monday - Friday 8:30AM - 5:00PM
    Associated topics: cybersecurity, identity, idm, information assurance, leak, malicious, protect, security engineer, security officer, threat * The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.

    Launch your career - Create your profile now!

    Create your Profile

    Loading some great jobs for you...