Information Security Engineer

Responsible for ensuring the smooth operation of the Bank security systems and controls with a goal to maintain a strong information security program and enable comprehensive auditing and compliance verification. Provide hands-on support for a broad spectrum of technologies, including security software running on Windows and UNIX systems, network devices, virtual machines, as well as the Bank’s own products and services. Collaborate with internal and external stakeholders in implementing and supporting technical projects, and for operational support of production platforms.


Major Accountabilities:        

  • Perform security research, analysis, and design for the Bank’s computing systems and network infrastructure.
  • Facilitate security vulnerability assessments and penetration tests. Work on security alerts, events, and security incidents, including forensics analysis.
  • Contribute general consulting (risk analysis) and project support in the area of information security to IT infrastructure and projects as needed to support new business requirements.
  • Participate in internal security audits and investigations. Manage and maintain a library of security audit tools and corresponding processes. Monitor trends in information technology and security.
  • Research emerging technologies and maintain awareness of current security risks in support of security enhancement and development efforts.
  • Monitor security systems for anomalies and respond to potential security events.
  • Oversee security patch process and validate compliance.
  • Perform periodic policy compliance reviews, risk assessments, and control testing.
  • Assist in the investigation of security incidents as required and recommend corrective actions and process improvements.
  • Awareness training of the workforce on information security standards, policies and best practices
  • Documentation that includes writing comprehensive reports, architectural and workflow designs, security standards and policies.
  • Participate in on-call system administration support including but not limited to weekends, holidays and after-business hours as required to service the needs of the business.