Systems Information Security Engineer
Company: The Washington Trust Bank
Posted on: June 8, 2021
The Systems Information Security Engineer is part of the
Information Security Office team and responsible for support of
following information security areas: Information Security
Configuration Management, Endpoints, Databases, Core processing
systems, and Information Security Systems Architecture &
Consulting. This is a hands-on position that works closely with
Information Security team members on continues assessment and
hardening of bank's information security posture, maturity level
and risk assessments. Acts as a liaison to IT team regarding
information systems security architecture, configuration and
posture assessment and verification. Prepares analyses, metrics,
Key Risk Indicators (KRIs), and evaluations to ensure compliance
with bank policies, standards, and security regulations.
Information Security Configuration Management
- Supports Information Security Office to maintain and enhance
the security posture of the bank's systems, endpoints (on-premises
and cloud), database / data, and core processing systems.
- Assists with the implementation of secure baseline
configurations, incorporates secure configuration settings for
Information Security, IT product and services and integration of
third party provided systems.
- Monitors and maintains information security tools and solutions
for effective operation, peak performance and orchestration of the
- Ensures information security standards, procedures and
guidelines in compliance with bank regulations (e.g. FFIEC, NIST,
- Assists the Information Security Office with various activities
associated with the banks Operational Risk Management Program.
Endpoints/Databases/Data/Core Processing Systems Security
- Identifies opportunities to improve endpoints (on-premises and
cloud), core processing platform security through the
implementation of secure frameworks, establishments of standards,
procedures, and guidelines.
- Works closely with IT team to analyze the current network and
applications security posture to detect critical deficiencies and
recommend solution for improvements.
- Works with Information Security team to assist with building of
new controls, automation and resolving gaps or identified issues
with security technologies.
- Assists in supporting all reporting, metrics, and Key Risk
Indicators (KRIs) requirements for security applications, tools,
- Support implementation of static and dynamic application
- Support implementation and management of data loss prevention
and data discovery tool.
- Management and configuration of endpoint security tools,
including antivirus, antimalware, application control and EDR.
- Documents necessary endpoints, databases, and core processing
systems security design including project postmortem documentation
and metrics collection and reporting.
- Works with IT staff and project managers to resolve security
related issues with network, systems, and applications during
implementation and ongoing.
Information Security Architecture & Consulting
- Performs analysis of information systems security architecture
needs and contributes to design, integration, and tune- up of
required hardware and software.
- Identifies and defines initial information security design and
architecture requirements and ensure implementation and
verification throughout the life cycle of projects and
- Provides information security consulting across the
organization and assists in defining individual information
security requirements for applications bank-wide.
- Assists developing training material that covers organizational
policies, procedures, tools, artifacts, and monitoring
- Documents information security processes and procedure as
- Follows established change management procedures.
- Participates in incident response and vulnerability remediation
- Participates in on-call rotational duties with other team
- Regular, reliable attendance is required.
- Performs compliance and risk management duties as required or
- Bachelor's degree in Computer Science, MIS or related technical
field or equivalent related work experience.
- 3 - 5 years of experience in configuration of secure systems,
endpoints, databases, and core processing systems.
- Experience with endpoints, databases, and core processing
systems hardening and compliance (FFIEC, NIST and PCI).
- Network, systems, application information security
certification preferred (GIAC's GCCC, GPPA, GCWN. CISSP, SCCP, CEH,
- Experience with Common Secure Configurations (i.e. STIGs, CIS)
and other industry security checklists / benchmarks
- Experience in assessing the risk of a proposed solution,
escalating appropriately and driving to closure.
- Technical knowledge of systems engineering, networking/cloud
and software architectures.
- Demonstrated proficiency with various security applications and
investigation / forensic tools.
- Extensive knowledge of networking protocols and security
- Excellent communications and interpersonal skills; ability to
Keywords: The Washington Trust Bank, Spokane , Systems Information Security Engineer, Other , Spokane, Washington
Didn't find what you're looking for? Search again!