Merrick Bank
Sr. Engineer, Information Security Assurance & Response
Merrick Bank, South Jordan, Utah, United States, 84095
Merrick Bank employees share in our mission to delight our customers and empower underserved consumers to achieve their credit goals. In return, we delight our associates; ensuring they are noticed, heard, appreciated and understand the importance of their role(s). For over 20 years, our Guiding Principles of; doing the right thing, putting the customer first, and Earn, Learn, Have Fun (aka E.L.F.), have defined who we are as an Employer of Choice. Give Yourself Credit, Work at Merrick!
Position Summary:
Seeking a Senior Security Engineer to be a guide and mentor amongst the Security Management and Response (SMR) team. The primary responsibilities include improving, maintaining and building; visibility, detection and response amongst SMR operations, incident response, forensics, threat detection, threat intel integration, and detection engineering. The Senior Security Engineer will also work diligently with our MSSP to improve, integrate, build and maintain visibility, detection and response processes.
The ideal candidate will be proficient in using a variety of security tools to support these responsibilities. This role requires strong leadership, analytical skills, and the ability to work collaboratively with cross-functional teams.
Essential Functions:
Guide and mentor the Security Management and Response (SMR) team: Provide guidance and mentorship in investigations and daily operations, ensuring effective monitoring, detection and response to security events and complex attacks. Engineer: Champion and innovate engineering efforts to enhance visibility, detection, and response processes within the team, the financial institution, and with the MSSP. Incident Response: Develop and implement incident response plans, offer guidance during security events, and coordinate with relevant teams to acknowledge, contain, mitigate, and resolve security incidents. Tool Management: Utilize and manage Security Event and Information Management (SEIM) and various assigned security tools. Provide Guidance: Support and assist other teams in configuring tools to support operations related to security processes and systems, ensuring the protection of data, customers, and computer systems. Collaborate: Work closely with security and other teams to collaborate, maintain, streamline and build processes. Task Management: Prioritize and complete assigned tasks, ensuring timely and efficient completion of security-related activities. Reporting: Utilize issue and project management software to report progress and provide management status based on designed sprints and assigned tasks. Learn: Continuously learn and convey methods to identify and detect new attacks, and use that knowledge to upskill others and identify gaps in existing controls. Compliance with Laws & Regulations:
Responsible for complying with policies and procedures. Responsible for understanding and complying with all laws and regulations. Responsible for communicating problems in operations, noncompliance with the code of conduct, noncompliance with laws and regulations, policy violations, or illegal acts. Education and Experience:
Six (6) years of work experience insecurity monitoring and incident response, cybersecurity engineering, and network/systems administration required. Bachelor's degree in computer or cybersecurity-related studies, or equivalent broad experience required, six (6) years of related and equivalent experience accepted in lieu of education requirement. GIAC, OffSec, ISC2, or other recognized certifications are also desirable. Summary of Qualifications:
Experience as a security engineer or IT (Information Technology) systems engineer is preferred. Familiarity with highly regulated industries, and specifically the financial industry (including FDIC regulations) is preferred. Security project or team experience, preferably with experience in security engineering functions. Demonstrated history and ongoing effective performance with security architecture, engineering, investigation & remediation capabilities. Demonstrated ability in engineering, detection engineering, tuning, and operating security tools. Demonstrated skills with security concepts, defense-in-depth strategies, security tools, and protocols. Demonstrated ability to effectively communicate security events, risks and incidents to people with technical and non-technical backgrounds Outstanding troubleshooting and problem-solving skills Demonstrated ability to investigate complex security, hardware, and network systems "White hat" mentality, with a healthy sense of paranoia (security awareness and risk) Positive, inquisitive, can-do attitude. Self-starter, requires minimal oversight to perform as expected, work well independently and as part of a team. Comfortably perform well under pressure, deliver to commitments on tight deadlines Meticulous attention to detail. Passion for cybersecurity and technology trends, news, and hacking techniques. Work Environment/Physical Demands:
May require some travel to company, partner, or vendor locations for various job duties. May require some lifting of up to 50 pounds to rack/maintain IT or security equipment. Security Responsibilities - General:
This classification requires heightened security awareness to safeguard financial data, including customer non-public personal information. This security level means that the job includes exposure to all categories of financial data, including customer non-public personal information.
We offer a total rewards package comprised of a competitive base rate of pay, variable pay incentive programs based on the role, and a comprehensive benefit suite. Offered rates of pay are determined based on job-related knowledge, relevant experience, skills, certifications, and geographic location. Our benefits offerings include medical, dental, vision, life insurance, 401(k) plan with company match, paid vacation time, sick time, as well as other benefits and programs to meet the needs of our employees. Further details will be shared during the interview or offer process, as appropriate and applicable.
We are an equal opportunity employer, and we evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status or any other legally protected characteristic. We will conduct a thorough background check for all hires in compliance with applicable law which includes (but may not be limited to) a review of factors including drug testing and employment/personal references.
Other details
Pay Type Salary
Apply Now
Position Summary:
Seeking a Senior Security Engineer to be a guide and mentor amongst the Security Management and Response (SMR) team. The primary responsibilities include improving, maintaining and building; visibility, detection and response amongst SMR operations, incident response, forensics, threat detection, threat intel integration, and detection engineering. The Senior Security Engineer will also work diligently with our MSSP to improve, integrate, build and maintain visibility, detection and response processes.
The ideal candidate will be proficient in using a variety of security tools to support these responsibilities. This role requires strong leadership, analytical skills, and the ability to work collaboratively with cross-functional teams.
Essential Functions:
Guide and mentor the Security Management and Response (SMR) team: Provide guidance and mentorship in investigations and daily operations, ensuring effective monitoring, detection and response to security events and complex attacks. Engineer: Champion and innovate engineering efforts to enhance visibility, detection, and response processes within the team, the financial institution, and with the MSSP. Incident Response: Develop and implement incident response plans, offer guidance during security events, and coordinate with relevant teams to acknowledge, contain, mitigate, and resolve security incidents. Tool Management: Utilize and manage Security Event and Information Management (SEIM) and various assigned security tools. Provide Guidance: Support and assist other teams in configuring tools to support operations related to security processes and systems, ensuring the protection of data, customers, and computer systems. Collaborate: Work closely with security and other teams to collaborate, maintain, streamline and build processes. Task Management: Prioritize and complete assigned tasks, ensuring timely and efficient completion of security-related activities. Reporting: Utilize issue and project management software to report progress and provide management status based on designed sprints and assigned tasks. Learn: Continuously learn and convey methods to identify and detect new attacks, and use that knowledge to upskill others and identify gaps in existing controls. Compliance with Laws & Regulations:
Responsible for complying with policies and procedures. Responsible for understanding and complying with all laws and regulations. Responsible for communicating problems in operations, noncompliance with the code of conduct, noncompliance with laws and regulations, policy violations, or illegal acts. Education and Experience:
Six (6) years of work experience insecurity monitoring and incident response, cybersecurity engineering, and network/systems administration required. Bachelor's degree in computer or cybersecurity-related studies, or equivalent broad experience required, six (6) years of related and equivalent experience accepted in lieu of education requirement. GIAC, OffSec, ISC2, or other recognized certifications are also desirable. Summary of Qualifications:
Experience as a security engineer or IT (Information Technology) systems engineer is preferred. Familiarity with highly regulated industries, and specifically the financial industry (including FDIC regulations) is preferred. Security project or team experience, preferably with experience in security engineering functions. Demonstrated history and ongoing effective performance with security architecture, engineering, investigation & remediation capabilities. Demonstrated ability in engineering, detection engineering, tuning, and operating security tools. Demonstrated skills with security concepts, defense-in-depth strategies, security tools, and protocols. Demonstrated ability to effectively communicate security events, risks and incidents to people with technical and non-technical backgrounds Outstanding troubleshooting and problem-solving skills Demonstrated ability to investigate complex security, hardware, and network systems "White hat" mentality, with a healthy sense of paranoia (security awareness and risk) Positive, inquisitive, can-do attitude. Self-starter, requires minimal oversight to perform as expected, work well independently and as part of a team. Comfortably perform well under pressure, deliver to commitments on tight deadlines Meticulous attention to detail. Passion for cybersecurity and technology trends, news, and hacking techniques. Work Environment/Physical Demands:
May require some travel to company, partner, or vendor locations for various job duties. May require some lifting of up to 50 pounds to rack/maintain IT or security equipment. Security Responsibilities - General:
This classification requires heightened security awareness to safeguard financial data, including customer non-public personal information. This security level means that the job includes exposure to all categories of financial data, including customer non-public personal information.
We offer a total rewards package comprised of a competitive base rate of pay, variable pay incentive programs based on the role, and a comprehensive benefit suite. Offered rates of pay are determined based on job-related knowledge, relevant experience, skills, certifications, and geographic location. Our benefits offerings include medical, dental, vision, life insurance, 401(k) plan with company match, paid vacation time, sick time, as well as other benefits and programs to meet the needs of our employees. Further details will be shared during the interview or offer process, as appropriate and applicable.
We are an equal opportunity employer, and we evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status or any other legally protected characteristic. We will conduct a thorough background check for all hires in compliance with applicable law which includes (but may not be limited to) a review of factors including drug testing and employment/personal references.
Other details
Pay Type Salary
Apply Now