Vulnerability Assessment Engineer - Regions Bank Birmingham, AL, USA Bookmark Share Print 504 3 22

Listing Description

Job Description

Job Description

At Regions the Information Security Engineer is responsible for the research, technical analysis, recommendation, configuration, and administration of systems and procedures to ensure the protection of information processed, stored or transmitted.

Primary Responsibilities

•Provides security design, consultation, and technology governance oversight for various projects and initiatives

•Provides assistance to system users relative to information systems security matters

•Undertakes complex projects requiring additional specialized technical knowledge

•Acts as information liaison to various business units and information technology departments

•Acts as a resource for direction, training and guidance for less experienced staff

This position is exempt from timekeeping requirements under the Fair Labor Standards act and is not eligible for overtime pay.

Requirements

•High school diploma or GED and four years of experience

•Bachelor's degree in a related field

•Must be able to prioritize assignments while working on multiple projects

•Must have excellent writing and oral communication skills

•Certified Information Systems Security Professional (CISSP), Microsoft Certified Systems Engineer (MCSE) or other industry certification preferred.

Additional Job Description

Advanced knowledge of system/infrastructure and/or web application vulnerabilities and risk assessment methodologies such as Common Vulnerability Scoring System (CVSS) and OWASP Risk Rating Methodology.

• Strong networking understanding

•Experience with automated and manual tools used to find system vulnerabilities such as Nexpose, Qualys, and Contrast Security.

•Ability to think outside the box and emulate adversarial approaches

•Demonstrated ability to work well independently with little input and as part of a team

•Capable of articulating complex technical concepts or scenarios to both technical and non-technical audiences

•Project management skills: must be able to manage concurrent projects through standard delivery phases of information gathering, assessment, and reporting.

•Bachelor’s degree in a technical field, experience in Information Security or Information Technology, or a combination of education and relevant experience.