Information Security Engineer

Job Summary

• Consults on a senior level and provides professional support for major components of the company's information security program. Responsible for supporting the technical analysis, design consulting and product review of security components. Leads the identification of new tools and techniques. Evaluates and assesses existing technical issues by researching and identifying innovative solutions to broad and complex information security challenges. Manages components of various projects to completion, consulting with various corporate teams, both within the Information Technology and business environments to define information security solutions.

• Provides support in the development and implementation of security architecture, standards, procedures and guidelines for multiple platforms in diverse system environments. Ensures that security concerns are addressed and mitigated and appropriate standards are defined and published.
• Often drives the evaluation, testing and implementation of emerging technologies, information systems security issues. Presents proposed security enhancements to management for approval, funding and implementation.
• Performs security assessments and reviews networking initiatives for security compliance. Prepares status reports and informational metrics on security matters; develops security risk analysis scenarios and response procedures.
• Serves as a resource regarding the security of data networks and centralized data frameworks, to include coordinating activities with the business unit, users and external networks.
• Robust operational knowledge of the TCP/IP stack, network protocols, network topology and architecture, Windows and Unix operating systems, system logs events, anti-virus technologies, authentication systems (AD, LDAP, RADIUS, RACF), DNS, DHCP, SNMP, Net Flow, IP and application development processes/life cycles.
• Provides input into the design, implementation, and maintenance of the information security architecture. Analyzes, reviews, and determines the technical requirements necessary to mitigate the security risk for Information Technology needs, plans, and initiatives.
• Implements and maintains required security tools. Investigates information security violations; monitors and communicates technical vulnerabilities.
• Recognizes and identifies potential areas where existing security policies and procedures require change, or where new ones need to be developed. Conducts risk assessments and security briefings; advises management of critical issues.
• Evaluates products and/or procedures to enhance productivity and effectiveness. Provide direct support to the company and Information Technology staff for security related issues. Coordinates security awareness programs and provides education on security policies and practices. Provides consultations on security issues regarding new and existing systems.
• Monitors Information Technology assets for security requirements to include procedures, software, and integrity.
• Works to build and maintain a security sensitive mindset within the company culture.
• Participates in major projects and initiatives with a low level of management oversight
• Assists with the development, implementation, monitoring, maintenance and compliance of all information security standards, policies, and procedures.
• Participates in the on-call rotation that ensures 24x7 coverage of the corporate security infrastructure and network environments, assuming responsibility for resolving or escalating any network issues that arise during own on-call period
• Generates security/network-related Management Information for regular internal reporting, including producing some high-level analysis of any emerging trends.
• Each team member is expected to be aware of risk within their functional area. This includes observing all policies, procedures, laws, regulations and risk limits specific to their role. Additionally, they should raise and report known or suspected violations to the appropriate Company authority in a timely fashion.
• Perform other related duties as required.

The information on this description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.

Synovus is an Equal Opportunity Employer committed to fostering an inclusive work environment.

• Bachelor s Degree in Information Technology, Business Administration, or related field or an equivalent combination of education and experience.

• Eight years of information security experience to include a background in a multiple information security technologies (e.g. intrusion detection, penetration testing, identity and access management)

• Certified Information Systems Security Professional (CISSP), Microsoft Certified…