Senior Security Engineer (Full Time) - Lubbock, Ave.
Apply NowCompany: Prosperity Bank
Location: Lubbock, TX 79424
Description:
External Applicants: Please apply through Prosperity Bank's Career Center at https://www.prosperitybankusa.com/Careers. Applying through any other source may prevent Prosperity from receiving your application.
Internal Applicants: If you are a current associate of Prosperity Bank, please apply through the internal Talent - Career Center in ADP.
The Security Engineer will work with IT Management to develop and maintain a comprehensive security program. The Infrastructure team owns security technologies and works with other technology teams to ensure that the proper layers of protection are in place and are effective. The candidate will work on cutting edge security technologies to identify and address risks present in the environment. The candidate will also be responsible for maintaining the security technologies. This position is for a senior level candidate with extensive experience with modern security technologies. Candidate must work well in a team environment, he or she will also be part of the overall support team, and requires outstanding customer service skills both over the phone and in person.
Responsibilities
Develop Defense-in-Depth strategy
Responsible to implement, support Security systems such as Webfiters, Rapid7, Spam Filters, Anti-Virus, MDM, DLP, SIEMS etc...
Design, develop, and implement Disaster Recovery and Business Continuity process, procedures, and infrastructure as it relates to the Information Security Program, well as actively participate in Disaster Recovery exercises
Work closely and support the Senior Network Analyst and the Application's team to provide deep security layers around server hardware, software and applications
Identify and plan preventive maintenance, software/hardware upgrades, patch management, and firmware upgrades
Working with both end users and all members of the IT staff
Benchmarks company security practices and recommends best practices to adopt.
Conducts firewall and IPS policy reviews.
Develops, monitors, and reports on information security performance metrics (such as threat level, vulnerability level, problem resolution time, etc.).
Identifies areas of non-compliance and makes recommendations for achieving compliance.
Monitors traffic and access logs in order to verify compliance.
Coordinates data destruction and secure disposal of hardware.
Actively works to reduce risk levels for the organization.
Keeps updated on IT security regulation changes and new developments in the IT security environment.
Occasional travel may be required.
Ensures there are no repeat IS security related findings from regulatory and 3rd party exams
Other duties as assigned
Required Experience
Bachelor's degree in Computer Science, Information Technology, Engineering or a related technical field; or Associate's degree in Computer Science or related field plus 2 years relevant work experience
3+ years of experience directly related to information security
CISSP, CISM, or CISA certification
Experience utilizing common framework standards including FIEC, NIST, ISO, HIPPA
Strong experience supporting and implementing servers and systems including but not limited to Active Directory, Citrix, Microsoft SQL, file servers, Excange, AIX and other applications as needed
4+ years Enterprise network monitoring
4+ years managing, implementing, and supporting Security systems such as Web filters, Rapid7, Spam filters, Anti-Virus, MDM, DLP, SIEMS, etc.
4+years Virtualization environments including VMware, vSphere, ESX/ESXi, Enteriprise 4.0/5.0/5.5 (HA, DRS, vMotion, SRM), Microsoft Hyper-V, and Citrix XenServer
Full understanding of how Windows environments operate to ensure they are configured to current defined standards
Detail technical experience with a minimum of 4 years experience in computer network penetration testing and techniques preferred
Experience in change control methodology with an ability to provide clear technical documentation supporting change
RSA Security Analytics preferred
Internal Applicants: If you are a current associate of Prosperity Bank, please apply through the internal Talent - Career Center in ADP.
The Security Engineer will work with IT Management to develop and maintain a comprehensive security program. The Infrastructure team owns security technologies and works with other technology teams to ensure that the proper layers of protection are in place and are effective. The candidate will work on cutting edge security technologies to identify and address risks present in the environment. The candidate will also be responsible for maintaining the security technologies. This position is for a senior level candidate with extensive experience with modern security technologies. Candidate must work well in a team environment, he or she will also be part of the overall support team, and requires outstanding customer service skills both over the phone and in person.
Responsibilities
Develop Defense-in-Depth strategy
Responsible to implement, support Security systems such as Webfiters, Rapid7, Spam Filters, Anti-Virus, MDM, DLP, SIEMS etc...
Design, develop, and implement Disaster Recovery and Business Continuity process, procedures, and infrastructure as it relates to the Information Security Program, well as actively participate in Disaster Recovery exercises
Work closely and support the Senior Network Analyst and the Application's team to provide deep security layers around server hardware, software and applications
Identify and plan preventive maintenance, software/hardware upgrades, patch management, and firmware upgrades
Working with both end users and all members of the IT staff
Benchmarks company security practices and recommends best practices to adopt.
Conducts firewall and IPS policy reviews.
Develops, monitors, and reports on information security performance metrics (such as threat level, vulnerability level, problem resolution time, etc.).
Identifies areas of non-compliance and makes recommendations for achieving compliance.
Monitors traffic and access logs in order to verify compliance.
Coordinates data destruction and secure disposal of hardware.
Actively works to reduce risk levels for the organization.
Keeps updated on IT security regulation changes and new developments in the IT security environment.
Occasional travel may be required.
Ensures there are no repeat IS security related findings from regulatory and 3rd party exams
Other duties as assigned
Required Experience
Bachelor's degree in Computer Science, Information Technology, Engineering or a related technical field; or Associate's degree in Computer Science or related field plus 2 years relevant work experience
3+ years of experience directly related to information security
CISSP, CISM, or CISA certification
Experience utilizing common framework standards including FIEC, NIST, ISO, HIPPA
Strong experience supporting and implementing servers and systems including but not limited to Active Directory, Citrix, Microsoft SQL, file servers, Excange, AIX and other applications as needed
4+ years Enterprise network monitoring
4+ years managing, implementing, and supporting Security systems such as Web filters, Rapid7, Spam filters, Anti-Virus, MDM, DLP, SIEMS, etc.
4+years Virtualization environments including VMware, vSphere, ESX/ESXi, Enteriprise 4.0/5.0/5.5 (HA, DRS, vMotion, SRM), Microsoft Hyper-V, and Citrix XenServer
Full understanding of how Windows environments operate to ensure they are configured to current defined standards
Detail technical experience with a minimum of 4 years experience in computer network penetration testing and techniques preferred
Experience in change control methodology with an ability to provide clear technical documentation supporting change
RSA Security Analytics preferred