About The Position

We are seeking a highly skilled Senior Cyber Security Engineer to join our dynamic team in the financial sector. This role emphasizes mentoring and tactical oversight in safeguarding our organization’s information systems against cyber threats. The ideal candidate will possess a deep understanding of cyber security principles and technologies, along with the ability to own and lead projects while mentoring junior team members.

Requirements

  • Bachelor’s degree in Cybersecurity, Information Security, or a related field. Equivalent experience will also be considered.
  • 7+ years of experience in risk management, security awareness, or a related role within the finance industry.
  • Highly proficient in the management and use of the Microsoft Security Tool Suite.
  • Proficient in scripting languages such as Python and PowerShell as they relate to APIs, automation, and metric collection.
  • Thorough understanding of current cyber threat and risk landscape.
  • Solid understanding of web application frameworks, APIs, microservices, and cloud environments (AWS, Azure, GCP).
  • Demonstrated skills with security concepts, defense-in-depth strategies, security tools, and protocols.
  • “White-hat” mentality, with a healthy sense of paranoia (security awareness and risk).
  • Positive, inquisitive, can-do attitude.
  • Self-starter who requires minimal oversight to perform as expected and works well both independently and as part of a team.
  • Performs well under pressure and delivers on commitments under tight deadlines.
  • Meticulous attention to detail.
  • Passion for cybersecurity and technology trends, news, and hacking techniques.

Nice To Haves

  • Experience in developing and delivering training programs is highly desirable.
  • Relevant certifications such as CISSP, CISM, or advanced SANS are highly desirable.
  • 1+ years of Morphisec experience preferred.
  • Good experience with highly regulated industries, and specifically the banking industry (including FDIC regulations) is preferred.

Responsibilities

  • Work with team lead and direct leadership to implement comprehensive cyber security strategies that align with team and organizational goals while also maintaining regulatory requirements.
  • Lead programs, mentor junior engineers and analysts, and help develop a high-performing cyber security team, acting as a point of technical escalation.
  • Maintain in-scope program implementation, road mapping and maturity best practices.
  • Keep a “real time” status on the latest cyber security trends, technologies, and best practices, helping to integrate them into the organization’s security framework.
  • Assist in authoring and enforcing security policies, standards, and procedures to create efficiencies and mitigate risks to ensure compliance with industry regulations.
  • Support the SOC during incident response efforts, coordinating with the SOC team internally to facilitate resolutions effectively.
  • Participate in incident response plans as well as regular drills and reviews to ensure preparedness.
  • Collaborate cross-functionally with teams and stakeholders.
  • Establish and maintain relationships to properly support security initiatives enterprise wide.
  • Report on program metrics, as well as potential gaps identified, to the team lead and direct leadership, providing insights and recommendations for improvement.
  • The Senior Cyber Security Engineer is also responsible for maintaining familiarity with tooling and cross-training with other security functions as assigned:
  • Endpoint security controls – Monitor ticketing and requests for all endpoint controls and respond to events and outages in a troubleshooting capacity.
  • Data loss prevention – Address tickets for block remediation and apply rule changes as needed.
  • Cloud access security brokering – Monitor incoming requests and apply proper validation and remediation steps as needed.
  • Email security – Perform triage and remediation of tickets related to email security.
  • Define and enforce policies for endpoint security and DLP aligned with regulatory and business requirements.
  • Develop and maintain operational playbooks and escalation procedures.
  • Administer and optimize Microsoft Defender XDR and DLP tools across the enterprise.
  • Lead tool upgrades, configuration changes, and integration efforts with SIEM and SOAR platforms.
  • Analyze and triage security alerts from Defender XDR and DLP platforms.
  • Lead investigations into endpoint-related incidents and data exfiltration attempts.
  • Generate regular reports on endpoint and DLP effectiveness, coverage, and incident trends.
  • Collaborate with compliance and risk teams to ensure audit readiness and policy adherence.
  • Responsible for complying with all the Bank’s internal control policies and procedures.
  • Responsible for understanding and complying with all laws and regulations to which the Bank is subject.
  • Responsible for communicating problems in operations, noncompliance with the code of conduct, noncompliance with laws and regulations, policy violations, or illegal acts.

Benefits

  • Competitive Pay, including a Bonus Target or Variable Pay Incentive Program
  • Benefits Package: Medical, Dental, and Vision (plus much more)
  • 401(k) Plan with Company Match
  • Short- & Long-Term Disability
  • Wellness Programs
  • Group Life and AD&D Insurance
  • Paid Vacation, Sick Days, and Bank Holidays
  • Employee Engagement Activities including Employee Appreciation Day, DEI Employee Resource Groups, Corporate Social Responsibility, Service Recognition