Lead Security Engineer

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Systems or related discipline with at least seven (7) years of related experience, or equivalent training and/or work experience
• Direct experience in leading key areas such as: securing networks and systems architecture, design and implementation, secure software assurance, intrusion detection, defense and incident response, security configuration management, access controls design and implementation and security policy and standards development.
• In-depth knowledge of more than one communications protocol.
• Experience managing several Cyber Security tools, including: Configuration Assessment, Log Aggregation, Integrity Verification, Web Application Security Testing, Network Access Control System, Network Intrusion prevention systems, and Endpoint Security Solutions.
• Strong written and verbal technical communication skills.
• Demonstrated ability to develop effective working relationships that improved the quality of work products.
• Should be well organized, thorough, and able to handle competing priorities.
• Ability to maintain focus and develop proficiency in new skills rapidly.
• Ability to work in a fast paced environment.
• Excellent planning skills.
• Willingness to accept new challenges and grasp new or changing concepts, technologies and procedures.
• In-depth knowledge across all areas of Information Security.
• Employees must comply with the company’s policy on nepotism.
• Employees must execute FINRA’s Employee Confidentiality and Invention Assignment Agreement without qualification or modification.
• Employees must disclose to FINRA all brokerage accounts that they maintain, and those in which they control trading or have a financial interest (including any trust account of which they are a trustee or beneficiary and all accounts of a spouse, domestic partner or minor child who lives with the employee) and to authorize their broker-dealers to provide FINRA with duplicate statements for all of those accounts.
• All of those accounts are subject to the Code’s investment and securities account restrictions, and new employees must comply with those investment restrictions—including disposing of any security issued by a company on FINRA’s Prohibited Company List or obtaining a written waiver from their Executive Vice President—by the date they begin employment with FINRA.
• Employees may only maintain securities accounts that must be disclosed to FINRA at one or more securities firms that provide an electronic feed (e-feed) of data to FINRA, and must move securities accounts from other securities firms to a firm that provides an e-feed within three months of beginning employment.

Nice To Haves

• Master’s degree
• Past Financial Services industry experience

Responsibilities

• Ensure that security risks are comprehensively and effectively managed though leading the application of established and ad hoc processes and techniques to identify, validate, and prioritize.
• Lead the identification of security requirement deficiencies, eliciting of security requirements, and the architecture and design of security controls.
• Develop and implement strategies to promote consistent use of security controls across the enterprise.
• Lead the operation and monitoring of security controls.
• Establish, implement, and promote security control operation and monitoring strategies.
• Ensure that controls are operating effectively; resolve operating discrepancies.
• Review, triage, and prioritize control output.
• Take appropriate action to resolve security discrepancies.
• Lead the identification, evaluation, and recommendation of new security technologies, techniques, and tools.
• Lead team in defining, reviewing, and promoting information security policies, standards, guidelines, and procedures.
• Lead and champion efforts to enforce and monitor compliance with internal and external regulations, policies, and standards.
• Establish and promote strategies to ensure that compliance is effectively monitored and enforced.
• Direct internal process improvement initiatives.
• Provide feedback on processes by offering suggestions.
• Mentor junior staff.
• Participate in external process improvement committees as a Quality Assurance representative.
• Provide backup coverage for next level management, as appropriate.
• Assist with adherence to technology policies and comply with all security controls.
• Ensure all work products meets/exceeds FINRA standards.
• Demonstration of FINRA’s values.
• Collaboration, both in-person and virtually, in furtherance of FINRA’s mission of investor protection and market integrity.

Benefits

• Discretionary bonus
• Overtime pay
• Comprehensive health, dental and vision insurance
• Basic life, accidental death and dismemberment, supplemental life, spouse/domestic partner and dependent life, and spouse/domestic partner and dependent accidental death and dismemberment, short- and long-term disability, long-term care, business travel accident, disability and legal insurance
• Immediate participation and vesting in a 401(k) plan with company match
• Additional FINRA-funded retirement contribution
• Tuition reimbursement
• Commuter benefits
• Adoption assistance
• Backup family care
• Surrogacy benefits
• Employee assistance
• Wellness programs
• 15 days of paid time off
• 5 personal days
• 9 sick days
• Two volunteer service days
• Military leave
• Jury duty leave
• Bereavement leave
• Voting and election official leave for federal, state or local primary and general elections
• Care of a family member leave (available after 90 days of employment)
• Childbirth and parental leave (available after 90 days of employment)
• Nine paid holidays