Eastern Bank - Lynn, MA
posted 1 day ago
Full-time
Lynn, MA
Credit Intermediation and Related Activities
About the position
This role is a strategic leader on the Security Operations team as an incident responder. The role plans the response to complex security threats and enhances the incident management framework. This role drives initiatives that bolster the bank's cybersecurity defenses and fosters a culture of continuous improvement and resilience, refines IR processes, and communicates with stakeholders at all levels.
Responsibilities
- Analyze data, make recommendations for remedial action and/or security network enhancements based on detailed analysis and ensure proper communication of issues and/or recommendations to both technical and non-technical audiences.
- Research adversarial Tactics, Techniques and Procedures (TTPs) and developing novel detection and prevention techniques across multiple environments including network, endpoint and applications, particularly through use of the bank SIEM solution.
- Monitor events and alerts generated by firewalls, SIEMs, IDS and networking equipment.
- Methodically identify system security issues and determine root cause via a consistent, logical approach.
- Work with senior engineers and technology management, define and drive security-based process improvements.
- Create and/or maintain security documentation including security architecture diagrams, procedures, and Bank security standards.
Requirements
- College degree or equivalent combination of training and experience.
- 5+ years' experience in security engineering w/ 3+ years working as a security engineer.
- 1-2 years Azure experience.
- Experience with project management methodologies and with large scale enterprise and service provider networks.
- Solid understanding of computer forensic analysis, firewall technology, SIEM configuration and content development experience, IP networking (TCP/IP and packet analysis), IPS/IDS system attack knowledge, two factor authentication systems, Powershell or python scripting language.
- Knowledge of LINUX and Windows system administration a plus.
- Must be able to synthesize multiple data points across several business and technical domains.
- Must be analytical, well-organized, and self-directed.
- Makes recommendations to manager on decisions of complex, multifaceted nature.
- Independently drives and coordinates solutions to complex matters.
- Proficiency in handling complex security incidents, with a deep understanding of the current cybersecurity landscape and threats.
- Organizational and planning skills, with the ability to manage multiple projects and priorities effectively.
- Ability to implement new security tools in large scale projects.
- CISSP, GPEN, CEH a plus in addition to other network security certifications.
- Advanced level knowledge in designing and managing complex next gen firewall infrastructures to include firewall, IPSEC VPN and IPS/IDS, Advanced Networking, Acceleration & Clustering technologies.
- Must have the ability to communicate information and ideas so others will understand.
- Strong ability to understand, accurately translate and produce technical information for a general audience.
