Information Security Engineer II
Listed on 2026-07-09
-
IT/Tech
Cybersecurity, Information Security
Summary
Implements and monitors information security programs and controls. Ensures protection of technology and the business against unauthorized access, disclosure, modification and deletion of information. Completes a variety of audit, reporting, information program, policy, procedure, technology and incident mitigation tasks.
Responsibilities- Establishes and applies risk management principles for consistent tracking and measurement in compliance with industry standards.
- Serves as a security engineering technical advisor for all technology initiatives to ensure program conformance.
- Ensures end-to-end system and data security through the use of perimeter threat event reporting, data loss prevention and anti-spam/anti-virus and phishing simulation solutions.
- Performs risk‑analysis for threat events through simulations and communicates findings and training requirements to management and business.
- Supports a near‑zero risk enterprise using telemetry from security incident and event management and other solutions.
- Tests solutions effectively utilizing industry standard analysis methods. Delivers technical reports and other documentation concerning test results.
- Engineers security solutions efficiently with a minimal technology footprint where possible and manages vendor solutions and partnerships with discretion to ensure business and data privacy.
- Audits and reports on identity and access management to ensure a zero‑trust framework for production and development business application systems.
- Maintains awareness of evolving threats through membership with ISO, RSA, SANS, ISSA, etc. and information security solution vendor partners.
- Collaborates with other IT and business teams on security program initiatives and resolves security related issues.
- Monitors intrusion prevention system technologies and performs vulnerability scans, escalates incidents when applicable, and tracks completion of full event life cycles.
- Supports efforts and processes focused on investigations and misuse of company data; captures evidence that is admissible in a court of law for unauthorized activities.
- Uses approved AI tools responsibly to improve productivity and support job‑related duties, while maintaining data privacy, security, and compliance with applicable policies.
- Harnesses approved AI capabilities to strengthen the organization’s security posture (e.g., improving threat detection, triage, and response) while ensuring data privacy, security, and compliance with applicable policies.
- Must have at least 3 years information security experience or 6 years information systems experience, preferably in the financial services industry.
- Must have or be able to obtain within six months of hire one of the following/equivalent certifications:
Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), CompTIA Pen Test+, SC‑200 Microsoft Security Operations Analyst. - Bachelor’s degree in a related field or equivalent experience is required.
- Must have advanced computer skills and practical knowledge of computing systems and software including support desk solutions.
- Must also demonstrate conduct consistently with the company’s Corporate Values.
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is frequently required to stand; sit and talk or hear. The employee is occasionally required to walk; use hands to finger, handle, or feel; reach with hands and arms;
climb or balance; stoop, kneel, crouch, or crawl and taste or smell. The employee must occasionally lift and/or move up to 50 pounds. Specific vision abilities required by this job include color vision to identify colored labels, cables, and indicator lights.
Use of computer workstations at desk height and use of server consoles while standing. Installation, removal or termination of cabling, in communications closets and office settings. Occasional use of ladder to reach cables or hardware in ceilings or near top of computer hardware racks. Installation or removal of computer…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).