Senior Cyber Security Engineer; Endpoint & DLP Security), Infrastructure & Access security

Senior Cyber Security Engineer (Endpoint & DLP Security), Infrastructure & Access security

Join to apply for the Senior Cyber Security Engineer (Endpoint & DLP Security), Infrastructure & Access security role at Card Works
.

Our aim is to help people connect with possibility and opportunity using our financial servicing expertise. We build meaningful relationships with consumers, employees, and clients.

We are seeking a highly skilled Senior Cyber Security Engineer to join our dynamic team in the financial sector. This role emphasizes mentoring and tactical oversight in safeguarding our organization’s information systems against cyber threats. The ideal candidate will possess a deep understanding of cyber security principles and technologies, along with the ability to own and lead projects while mentoring junior team members.

• Work with team lead and direct leadership to implement comprehensive cyber security strategies that align with team and organizational goals while also maintaining regulatory requirements.
• Lead programs, mentor junior engineers and analysts, and help develop a high-performing cyber security team, acting as a point of technical escalation.
• Maintain in-scope program implementation, road mapping and maturity best practices.
• Keep a “real time” status on the latest cyber security trends, technologies, and best practices, helping to integrate them into the organization’s security framework.
• Assist in authoring and enforcing security policies, standards, and procedures to create efficiencies and mitigate risks to ensure compliance with industry regulations.
• Support the SOC during incident response efforts, coordinating with the SOC team internally to facilitate resolutions effectively.
• Participate in incident response plans as well as regular drills and reviews to ensure preparedness.
• Collaborate cross-functionally with teams and stakeholders. Establish and maintain relationships to properly support security initiatives enterprise wide.
• Report on program metrics as well as potential gaps identified to the team lead and direct leadership providing insights and recommendations for improvement.

is also responsible for familiarity with tooling and cross-train with other security functions as assigned:

• Endpoint security controls – Monitor ticketing and requests for all endpoint controls and respond to events and outages in a troubleshooting capacity.
• Data loss prevention – Address tickets for block remediation and apply rule changes as needed.
• Cloud access security brokering – Monitor incoming requests and apply proper validation and remediation steps as needed.
• Email security – Perform triage and remediation of tickets related to email security.

• Define and enforce policies for endpoint security and DLP aligned with regulatory and business requirements.
• Develop and maintain operational playbooks and escalation procedures.
• Administer and optimize Microsoft Defender XDR and DLP tools across the enterprise.
• Lead tool upgrades, configuration changes, and integration efforts with SIEM and SOAR platforms.

• Analyze and triage security alerts from Defender XDR and DLP platforms.
• Lead investigations into endpoint-related incidents and data exfiltration attempts.
• Generate regular reports on endpoint and DLP effectiveness, coverage, and incident trends.

• Collaborate with compliance and risk teams to ensure audit readiness and policy adherence.
• Responsible for complying with all the Bank’s internal control policies and procedures.
• Responsible for understanding and complying with all laws and regulations to which the Bank is subject.
• Responsible for communicating problems in operations, noncompliance with the code of conduct, noncompliance with laws and regulations, policy violations, or illegal acts.

• Bachelor’s degree in Cybersecurity, Information Security, or a related field. Equivalent experience will also be considered.
• 7+ years of experience in risk management, security awareness, or a related role within the finance industry. Experience in…