Listing Description
At Regions, the Information Security Engineer oversees the research, technical analysis, recommendation, configuration, and administration of systems and procedures to ensure the protection of information processed, stored, or transmitted.
Primary Responsibilities
Provides security design, consultation, and technology governance oversight for various projects and initiatives
Provides assistance to system users relative to information systems security matters
Undertakes complex projects requiring additional specialized technical knowledge
Acts as information liaison to various business units and information technology departments
Acts as a resource for direction, training, and guidance for less experienced staff
This position is exempt from timekeeping requirements under the Fair Labor Standards Act and is not eligible for overtime pay.
Requirements
High school diploma or GED with ten (10) years of experience or Bachelor's degree in a related field with eight (8) years of experience
Preferences
Certified Information Systems Security Professional (CISSP), Microsoft Certified Systems Engineer (MCSE), or other industry certification
Skills and Competencies
Ability to prioritize assignments while working on multiple projects
Excellent writing and oral communication skillsRequired Qualifications:
Advanced knowledge of system and/or web application vulnerabilities and risk assessment methodologies such as Common Vulnerability Scoring System (CVSS) and OWASP Risk Rating Methodology.
Extensive knowledge around application security and assist with the design and implementation of application security processes and technologies Technical background in application security, software development, or DevOps, Knowledge of the SDLC, continuous build systems and other software engineering methodologies/systems Knowledge of programming languages such as Java and .net
Ability to analyze application security vulnerabilities and executing process.
Experience with automated and manual tools used to find system and web application vulnerabilities such as Fortify on Demand, Veracode Kali, WebInspect, Contrast, WhiteHat, etc.
Ability to think outside the box and emulate adversarial approaches Demonstrated ability to work well independently with little input and as part of a team Capable of articulating complex technical concepts or scenarios to both technical and non-technical audiences
Listing Details
- Citizenship: Us Citizen
- Incentives: Not Provided
- Education: High School Diploma
- Travel: No Travel
- Telework: Full Telecommute