Mizuho Bank Ltd
Senior Security Engineer
Mizuho Bank Ltd, New York, New York, us, 10261
Join the Mizuho team as a Senior Security Engineer!
This role will be focused on and around the regular administration/maintenance of security tools including performing upgrades/troubleshooting and maintaining system documentation. They may be required to help write or shape policies/procedures/run books/processes, etc. They will be expected to maintain vendor relationships, keep up to date on new product features, improve our overall security posture, and prepare data/reports for management. They will be expected to participate in our incident response process serving as an SME/escalation point. Additional miscellaneous work may also be required as it comes up to help the team achieve the overall goals for the organization.
The remaining responsibilities of the engineer focus on a variety of functions within project implementation including business analyst, project management, and technical resource/implementer. The projects will tend to focus on and around the organization improving our security posture, as well as compliance posture as we operate in a highly regulated industry. The expectation is to understand the needs and requirements of stake holders and/or regulations, and translate the requirements into actionable tasks, drive project team members to complete their tasks, and perform their own implementation tasks to complete the objective. They will also be responsible for evaluating different products and aiding in the selection of tools for implementation.
The projects will likely focus on or around concepts and tools related to EDR, Vulnerability Management, IPS, SIEM/SOAR, Network Monitoring Tools, CASB/SASE, and others.
Knowledge of the above items, as well as being comfortable working with VMware, Firewall Policies, Cloud and understanding of DNS is required. Familiarity with DevSecOps, while not a day-to-day task, will be required as well.
Major Responsibilities:
The engineer is responsible for providing additional oversight of the security engineering function in a non-supervisory manner. They are expected to call out and highlight gaps/deficiencies and identify compensating controls that can be put in place by the broader team. They will be responsible for reporting on projects and BAU items to the Director of Security and may serve as a backup as necessary.
Required Qualifications:
Knowledge of the tools/concepts mentioned above.
Understanding of the SDLC and project management concepts
Understanding of the Incident Response life cycle is required as engineering may serve as an escalation point for Security Operations.
Working knowledge of Linux and Windows OSes required. Ability to script/code to aid automation required - preferably Python, PowerShell, or Bash.
Candidate must have high attention to detail and operate independently. Ability to troubleshoot and identify root cause analysis is a must have skill.
Additional Qualifications:
Experience with any of the following tools will help the candidate stand out:
Splunk Cloud, Splunk ES Qradar/Palo SOAR ExtraHop/Reveal(x) Fortinet Netskope Cisco Umbrella, IOS, ISE, AMP/Secure Endpoint, Umbrella CrowdStrike Netskope CASB rsyslog and logrotate OpenShift / Azure ServiceNow Tenable JIRA Gitlab Puppet/Ansible
Required to be part of on-call rotation with the rest of the security engineering team.
Location: Hybrid. 1-3x a week in NYC or NJ.
The expected base salary ranges from $105k-$170k. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, and, where applicable, certifications and licenses obtained. Market and organizational factors are also considered. In addition to salary and a generous employee benefits package, successful candidates are eligible to receive a discretionary bonus.
#LI-Hybrid
Other requirements
Mizuho has in place a hybrid working program, with varying opportunities for remote work depending on the nature of the role, needs of your department, as well as local laws and regulatory obligations. Roles in some of our departments have greater in-office requirements that will be communicated to you as part of the recruitment process
Company Overview
Mizuho Financial Group, Inc. is the 15th largest bank in the world as measured by total assets of ~$2 trillion. Mizuho's 60,000 employees worldwide offer comprehensive financial services to clients in 35 countries and 800 offices throughout the Americas, EMEA and Asia. Mizuho Americas is a leading provider of corporate and investment banking services to clients in the US, Canada, and Latin America. Through its acquisition of Greenhill, Mizuho provides M&A, restructuring and private capital advisory capabilities across Americas, Europe and Asia. Mizuho Americas employs approximately 3,500 professionals, and its capabilities span corporate and investment banking, capital markets, equity and fixed income sales & trading, derivatives, FX, custody and research. Visit www.mizuhoamericas.com.
Mizuho Americas offers a competitive total rewards package.
We are an EEO/AA Employer - M/F/Disability/Veteran.
We participate in the E-Verify program.
We maintain a drug-free workplace and reserve the right to require pre- and post-hire drug testing as permitted by applicable law.
#LI-MIZUHO
This role will be focused on and around the regular administration/maintenance of security tools including performing upgrades/troubleshooting and maintaining system documentation. They may be required to help write or shape policies/procedures/run books/processes, etc. They will be expected to maintain vendor relationships, keep up to date on new product features, improve our overall security posture, and prepare data/reports for management. They will be expected to participate in our incident response process serving as an SME/escalation point. Additional miscellaneous work may also be required as it comes up to help the team achieve the overall goals for the organization.
The remaining responsibilities of the engineer focus on a variety of functions within project implementation including business analyst, project management, and technical resource/implementer. The projects will tend to focus on and around the organization improving our security posture, as well as compliance posture as we operate in a highly regulated industry. The expectation is to understand the needs and requirements of stake holders and/or regulations, and translate the requirements into actionable tasks, drive project team members to complete their tasks, and perform their own implementation tasks to complete the objective. They will also be responsible for evaluating different products and aiding in the selection of tools for implementation.
The projects will likely focus on or around concepts and tools related to EDR, Vulnerability Management, IPS, SIEM/SOAR, Network Monitoring Tools, CASB/SASE, and others.
Knowledge of the above items, as well as being comfortable working with VMware, Firewall Policies, Cloud and understanding of DNS is required. Familiarity with DevSecOps, while not a day-to-day task, will be required as well.
Major Responsibilities:
The engineer is responsible for providing additional oversight of the security engineering function in a non-supervisory manner. They are expected to call out and highlight gaps/deficiencies and identify compensating controls that can be put in place by the broader team. They will be responsible for reporting on projects and BAU items to the Director of Security and may serve as a backup as necessary.
Required Qualifications:
Knowledge of the tools/concepts mentioned above.
Understanding of the SDLC and project management concepts
Understanding of the Incident Response life cycle is required as engineering may serve as an escalation point for Security Operations.
Working knowledge of Linux and Windows OSes required. Ability to script/code to aid automation required - preferably Python, PowerShell, or Bash.
Candidate must have high attention to detail and operate independently. Ability to troubleshoot and identify root cause analysis is a must have skill.
Additional Qualifications:
Experience with any of the following tools will help the candidate stand out:
Splunk Cloud, Splunk ES Qradar/Palo SOAR ExtraHop/Reveal(x) Fortinet Netskope Cisco Umbrella, IOS, ISE, AMP/Secure Endpoint, Umbrella CrowdStrike Netskope CASB rsyslog and logrotate OpenShift / Azure ServiceNow Tenable JIRA Gitlab Puppet/Ansible
Required to be part of on-call rotation with the rest of the security engineering team.
Location: Hybrid. 1-3x a week in NYC or NJ.
The expected base salary ranges from $105k-$170k. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, and, where applicable, certifications and licenses obtained. Market and organizational factors are also considered. In addition to salary and a generous employee benefits package, successful candidates are eligible to receive a discretionary bonus.
#LI-Hybrid
Other requirements
Mizuho has in place a hybrid working program, with varying opportunities for remote work depending on the nature of the role, needs of your department, as well as local laws and regulatory obligations. Roles in some of our departments have greater in-office requirements that will be communicated to you as part of the recruitment process
Company Overview
Mizuho Financial Group, Inc. is the 15th largest bank in the world as measured by total assets of ~$2 trillion. Mizuho's 60,000 employees worldwide offer comprehensive financial services to clients in 35 countries and 800 offices throughout the Americas, EMEA and Asia. Mizuho Americas is a leading provider of corporate and investment banking services to clients in the US, Canada, and Latin America. Through its acquisition of Greenhill, Mizuho provides M&A, restructuring and private capital advisory capabilities across Americas, Europe and Asia. Mizuho Americas employs approximately 3,500 professionals, and its capabilities span corporate and investment banking, capital markets, equity and fixed income sales & trading, derivatives, FX, custody and research. Visit www.mizuhoamericas.com.
Mizuho Americas offers a competitive total rewards package.
We are an EEO/AA Employer - M/F/Disability/Veteran.
We participate in the E-Verify program.
We maintain a drug-free workplace and reserve the right to require pre- and post-hire drug testing as permitted by applicable law.
#LI-MIZUHO