Principal Information Security Engineer (Remote)
Virtual - Ohio, United States
Make banking a Fifth Third better®
We connect great people to great opportunities. Are you ready to take the next step? Discover a career in banking at Fifth Third Bank.
This is a Principal Engineer role in the data and application security space in the Information Security organization. Ideal candidate will have hands on experience in data and application security with technologies like tokenization, encryption, code scanning, and secrets management and will have the ability to coach/mentor junior team members while delivering results to our customers.
GENERAL FUNCTION:
The Information Security Engineer (ISE) will be responsible for defining, delivering, and supporting the enterprise security tools and architecture developed in collaboration with the IT Engineering team. The ISE will also participate in a diverse variety of IS projects and support the ongoing operations of the Information Security department. The ISE is be focused on securing the network through the operations of intrusion detection system/intrusion prevention system (IDS/IPS), data loss prevention (DLP), Proxy, enterprise anti-virus and anti-malware solutions, log management, and vulnerability scanning and remediation.
Responsible and accountable for risk by openly exchanging ideas and opinions, elevating concerns, and personally following policies and procedures as defined. Accountable for always doing the right thing for customers and colleagues, and ensures that actions and behaviors drive a positive customer experience. While operating within the Bank's risk appetite, achieves results by consistently identifying, assessing, managing, monitoring, and reporting risks of all types.
ESSENTIAL DUTIES & RESPONSIBILITIES:
- Mentor more junior members of the team.
- Contribute to and enhance the bank's vulnerability management program.
- Define security requirements for the implementation of new applications and projects.
- Serve as a data security engineer/consultant on projects.
- Participate in conducting security research on threats and remediation techniques/ technology, make recommendations to the IS/IT teams and oversee their implementation.
- Support the Bank's operational information security responsibilities, including the development maintenance of standards, procedures, and guidelines necessary to satisfy the Information Security department's operations.
- Provide technical support to regulatory agencies, external auditors, and internal auditors, as required, to respond to audits and examinations of the Bank's control environment.
- Seeking and maintaining knowledge (cross/up skill) of current and upcoming IT security technologies.
- Awareness of latest and common security threats.
- Knowledge of key/secrets management technologies.
- Knowledge of application scanning technologies (SCA, SAST, DAST, IDE, & secrets scanning).
SUPERVISORY RESPONSIBILITIES: None.
MINIMUM KNOWLEDGE, SKILLS & ABILITIES REQUIRED:
- Inherent focus on customer
- Expertise in tokenization and Cryptography
- Expertise in application scanning (SAST, SCA, DAST, etc.)
- Hands on experience in Javascript, Python, and other languages
- Hands on experience in cloud (AWS, Azure, GCloud)
- Ability to coach/mentor junior team members
- Ability to communicate well with peers/leaders/junior members/cross functional teams.
- IT Security experience required.
- Bachelor's degree in Computer Science/Information Systems or equivalent combination of education and experience. Master's degree a plus.
- Industry Standard Certifications such as, but not limited to: CompTIA A+, CompTIA Network +, CompTIA Security +, ISC2 CISSP, and EWS are preferred.
- Must be able to communicate ideas both verbally and in writing to management, business and IT sponsors, and technical resources in language that is appropriate for each group.
- Eight+ years of IT work experience relevant to the position.
- Experience working with and supporting Unix/Linux and Windows systems.
- Solid conceptual understanding of distributed computing principles.
- Working knowledge of application and data security concepts, best practices, and common vulnerabilities.
- Financial industry experience is a plus.
- Excellent ability to diagnose and troubleshoot accessibility issues.
Fifth Third Bank, National Association is proud to have an engaged and inclusive culture and to promote and ensure equal employment opportunity in all employment decisions regardless of race, color, gender, national origin, religion, age, disability, sexual orientation, gender identity, military status, veteran status or any other legally protected status.
ApplyJob Profile
Fully remote Ohio Ohio, United States
Benefits/PerksEqual employment opportunity Fully remote Inclusive culture
Tasks- Conduct security research
- Define security requirements
- Develop security standards
- Manage vulnerabilities
- Mentor junior team members
- Provide technical support
- Recommend security improvements
- Reporting
- Support audits and examinations
- Support security tools and architecture
Anti-malware Anti-virus Application scanning Application Security Auditing AWS Azure Banking Cloud Computing Code scanning Collaboration Computer Computer Science Cross-functional Communication Cryptography Customer Experience DAST Data Loss Prevention Data Security Distributed computing Encryption Engineering Focus GCP IDE Information security Intrusion Detection Intrusion Prevention IT Security Javascript Linux Log Management Procedures Proxy Python Regulatory Compliance Remediation techniques Reporting Research Risk Management SAST SCA Secrets/key management Secrets management Secrets scanning Security Security Architecture Security policies Security procedures Security Research Security standards Security Technologies Security threat awareness Security Tools Technical Support Threat Research Tokenization UNIX Unix/Linux Vulnerability Management Vulnerability Scanning Windows
Experience3 years
EducationBachelor's Bachelor's degree Bachelor's degree in Computer Science Business Computer Science Engineering Equivalent Information Systems IT Master's Master's degree
CertificationsCISSP CompTIA A+ CompTIA Network+ CompTIA Security+ EWS ISC2 CISSP
TimezonesAmerica/Anchorage America/Chicago America/Denver America/Los_Angeles America/New_York Pacific/Honolulu UTC-10 UTC-5 UTC-6 UTC-7 UTC-8 UTC-9