Lead Security Engineer

The Lead Security Engineer, working independently, will direct staff in the execution of manual activities and/or automated activities to ensure applications and projects within their portfolio meet defined quality standards.

Essential Job Functions:


* Ensure that security risks are comprehensively and effectively managed though leading the application of established and ad hoc processes and techniques to identify, validate, and prioritize.


* Lead the identification of security requirement deficiencies, eliciting of security requirements, and the architecture and design of security controls.


* Develop and implement strategies to promote consistent use of security controls across the enterprise.


* Lead the operation and monitoring of security controls.


* Establish, implement, and promote security control operation and monitoring strategies.


* Ensure that controls are operating effectively; resolve operating discrepancies.


* Review, triage, and prioritize control output.


* Take appropriate action to resolve security discrepancies.


* Lead the identification, evaluation, and recommendation of new security technologies, techniques, and tools.


* Lead team in defining, reviewing, and promoting information security policies, standards, guidelines, and procedures.


* Lead and champion efforts to enforce and monitor compliance with internal and external regulations, policies, and standards.


* Establish and promote strategies to ensure that compliance is effectively monitored and enforced.


* Direct internal process improvement initiatives.

Provide feedback on processes by offering suggestions.


* Mentor junior staff.


* Participate in external process improvement committees as a Quality Assurance representative.


* Provide backup coverage for next level management, as appropriate.


* Assist with adherence to technology policies and comply with all security controls.


* Ensure all work products meets/exceeds FINRA standards.

Education/Experience Requirements:


* Bachelor’s degree in Computer Science, Information Systems or related discipline with at least seven (7) years of related experience, or equivalent training and/or work experience; Master’s degree and past Financial Services industry experience preferred.


* Experience must include direct experience in leading key areas such as: securing networks and systems architecture, design and implementation, secure software assurance, intrusion detection, defense and incident response, security configuration management, access controls design and implementation and security policy and standards development.


* In-depth knowledge of more than one communications protocol.


* Experience managing several Cyber Security tools, including: Configuration Assessment, Log Aggregation, Integrity Verification, Web Application Security Testing, Network Access Control System, Network Intrusion prevention systems, and...