Security Engineer II

Columbia Bank New Jersey provided pay range

This range is provided by Columbia Bank New Jersey. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

$/yr - $/yr

Summary:

Responsible for the day-to-day security operations and ownership over one or more security practice areas at Columbia Bank. The individual will serve as a technical operations subject matter expert and will be responsible for the proper maintenance of security controls, detection of and response to potential threats, and remediation and escalation of incidents. Supports the cyber incident response team, vulnerability management, secure design, security platform support, data security, provides guidance to technology operators, and ensures execution of processes.

• Executes, enhances, and creates/maintains documentation for security operations processes.
• Responsible for ownership over one or more security practice areas and leads the assessment of security processes, platforms, and practices to identify areas for improvement.
• Supports incident response efforts by reviewing security events and escalations, performing investigations, and seeing matters through to resolution.
• Collaborates with technology and business organizations as appropriate.

• Performs ongoing security platform maintenance including health monitoring, troubleshooting, tuning, and upgrades.
• Assists in implementing and operationalizing new security solutions. Coordinates with internal and external resources as required.

• Develops and analyzes security related content - reports, alerts, dashboards, and metrics - to gain insights from the Bank's systems, platforms, and data.
• Utilizes content outputs to drive subsequent action plan through to completion.

• Assists in the management of small to medium sized projects according to project management schedules.

• Stays abreast of relevant industry related developments, trends, and threats.
• Commits to ongoing professional education and development in the Information / Cyber Security field.

• Performs other job related duties as assigned.

• Bachelor’s degree in an IT related discipline required.
• 5 - 10 years of experience in information technology, information security, risk, or similar field.
• 5+ years of experience in an information security role.
• 3+ years of engineering experience.
• Relevant industry certifications and/or advanced degrees may be considered in lieu of experience.
• Strong knowledge of one or more security practice areas including security architecture, identity and access management, asset management, vulnerability management, threat detection and response, endpoint security, network security, cloud security, web security, email security, data security, application security, threat intelligence.
• Performs ongoing analysis of various security events, incident alerts, event notifications, health status from security tools, and additional detection and response activities.
• Investigates security incidents and collaborates with the CISO and business organizations in response to detected threats.
• Coordinates with internal and external resources for risk mitigation and service outage resolution.
• Develops standard operating procedures for deployed security solutions, interfacing with managed security service providers, incident responses, review and escalation processes.
• Communicates security warnings, ongoing awareness, and general best practices to end-users.
• Develops performance metrics, trend statistical data, and customizes management reports for Risk, IT and Information Security.
• Strong knowledge of securing network/infrastructure design and deployment.
• Experience in conducting a daily assessment of vulnerabilities identified by infrastructure scans.
• Evaluate, rate, and perform risk assessments on assets.
• Prioritizing vulnerabilities discovered along with remediation timeline(s).
• Knowledge of scripting languages and automation methodologies.
• Deep knowledge of intrusion detection methodologies and techniques for…