job summary: Summary/Objective:
The Lead Security Engineer will work directly with and oversee a team, managing confidentiality, integrity, and availability as they relate to the credit union's processes, procedures, and systems, working with the Information Security and Information Systems teams to ensure security best practices in existing and current processes and configurations throughout the organization.
location: Berlin, Massachusetts
job type: Permanent
work hours: 9am to 5pm
responsibilities: Essential Functions:
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Lead a small team of Security Analysts and Engineers in ensuring the confidentiality, integrity and availability of the data residing on or transmitted to/from/through credit union workstations, servers and other systems and in databases and other data repositories
- Evaluate, design, architect, test, deploy, configure, administer, and maintain the credit union's Information Security monitoring and scanning solutions.
- Work with Information Systems teams and vendors to optimize Information Security solutions and/or systems for the credit union.
- Automate security analytics. Drive up signal-to-noise ratio and eliminate low-value work.
- Maintain up-to-date knowledge of the IT Security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors
- Identify and monitor metrics regarding the state of security in the environment.
- Analyze threat data and act as an escalation point for the security operations team.
- Participate in root cause analysis of critical events for improving preventative and reactive processes
- Participate in the governance process and contribute to the development of security policies, procedures and standards for the credit union.
- Work with other business areas to explain security concepts, make recommendations, and help drive security initiatives
- Perform other job-related duties as assigned by Management.
qualifications: Education and Experience Requirements
- Troubleshooting, problem solving, documentation and communication skills
- Bachelor's Degree in Information Security, Cybersecurity, Information Technology, or related field
- Security-related certifications, such as CISSP, SSCP, ECSA
- 4+ years of experience in Cybersecurity
- 8+ years of experience in Information Technology
- Experience with CIS Critical Security Controls, NIST 800 and CSF, and FFIEC frameworks, and Financial Institution Regulatory Requirements
- Experience with managing Microsoft Active Directory, Group Policy, DNS
- Experience with managing SIEM, Logs, IDS/IPS, DLP, Web filters, AV, and WAF solutions
- Knowledge of common protocols such as SNMP, HTTP, HTTPS, SMTP, NTP, LDAP, Kerberos, RADIUS and FTP
- Network and Firewall experience/configuration a plus
skills: Job Competencies:
- Solid understanding of network and systems security, as well as cloud security.
- Expertise in enterprise level SIEM, NAC, IDS/IPS, WAF solutions.
- Linux, Windows system administration skills.
- Ability to multi-task under strict deadlines
- Professional and interpersonal skills
- Ability to work effectively and contribute within a team environment
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.