- Analyzes technologies and establishes highly effective processes and protocols to ensure comprehensive protection exists to prevent unauthorized entry into the company networks and systems.
- Supports automation and orchestration to maximize team talent and reduce routine tasks.
- Lead security incident response activities and provide reports on security incidents to senior management.
- Support development and tuning of correlation rules for a SIEM
- Conduct security assessments on Microsoft Office365 and Azure security configurations and policies
- Ensure security tools are functioning optimally
- Oversee vulnerability management responsibilities such as scanning of network assets, remediations are meeting SLAs and providing reports to stakeholders and management
- Manage application security SAST and DAST scans to detect application vulnerabilities and ensure remediation in a timely manner
- Lead application and network pentesting engagements by ensuring vulnerabilities are tracked and remediated within SLAs.
- Actively recruits and leads by example to create a culture where employees want to work.
- Mentors security team and places a heavy emphasis on employee retention – people, first.
- Conducts independent verification and validation testing of the company networks and sensitive programs through internal team resources and independent consultant engagements.
- Leads the team to implement secure enterprise systems and identifies issues that could compromise data integrity or security.
- Develops IT security programs and recommends necessary changes to the information security team to ensure the company’s systems are fully compliant with all applicable regulatory requirements and privacy laws.
- Facilitates third-party audit reviews of internal departments.
- Provides periodic training to company employees on information security topics.
- Participates in the company’s change management program.
- Stays abreast of the security industry threat landscape, specifically within the banking industry.
- Recognizes personal developmental needs and is proactive in obtaining the coaching, networking and training needed to ensure continued success in the position.
- Creates a working environment that is conducive to two-way communication, teamwork and learning.
- Recognizes the varying strengths, skills and needs of the team and adapts coaching skills to obtain the best possible results from each individual contributor.
- Openly supports the organization, the management team and executive leadership team, even during times of adversity.
- Utilizes open communication and managerial courage to ensure the standards, expectations and goals of the organization are respected and upheld.
- Acts as a change agent and drives the department and business forward using effective management, analysis and strategic skills.
- Leads security-related projects from inception to successful completion and is capable of effectively coaching technology staff on appropriate security protocols and needs as they implement new technology into the organization.
- Required to perform duties outside of normal work hours based on business needs.
- Assumes responsibility for other duties as required or assigned.
Skills and Experience
- Experience leading investigations and reporting of security incidents
- Experience managing SIEM and MSSP
- Experience with vulnerability management and reporting tools
- Experience with configuration of AV/EDR policies and tools
- Experience with Microsoft Office 365 and Azure
- Experience leading projects from inception to implementation
- Experience with SAST and DAST tools preferred
- Demonstrates strong written and oral communication skills.
- Demonstrates solid organizational skills and the ability to multi-task, prioritize workload and delegate responsibilities.
- Prior experience in a Security Operations Center (SOC) preferred
- Effectively manages stress in a constantly changing environment.
- Leverages subject matter expertise in security and compliance.
- Demonstrates excellent judgment and the ability to make quick decisions and think outside the box when working with complex situations.
- Demonstrates a high level of flexibility.
- Is forward thinking and possesses business acumen.
- Possesses a high level of integrity, trustworthiness and confidence, and represents the company and its management team at the highest level of professionalism.
- Demonstrates strong analytical skills and is effective at interpreting and applying applicable regulation.
- Works effectively with a variety of personalities and can adapt his/her approach to effectively reach and develop his/her team. Uses this skill as well as his/her functional knowledge to both earn and maintain a high level of credibility with the team.
Job Qualifications/Requirements
- Minimum Education Level: Bachelor’s degree in computer science, information assurance, MIS or related field
- Minimum Job Experience: 8+ years
- Language requirements: English (Written: Advanced, Verbal: Fluent)
- Computer/software skills: Advanced
- Required: 8+ years of technical hands-on security experience, with at least 2 years in a team lead or supervisor role
- Preferred: CISSP, CISM and/or SANS certification
The salary range for this full-time position is $170,000 - $200,000 + bonus + benefits
Salary ranges are determined based on qualifications, level, and location.
Exact compensation may vary based on your skills and experience.
Bank of Hope is an equal employment opportunity employer and does not discriminate on the basis of race, color, gender, religion, age, sexual orientation, genetic information, national or ethnic origin, disability, marital status, veteran status or any other basis protected by federal, state, or local law.