FreshRemote.Work

VP, Cybersecurity Engineer (Remote)

AZ, US

Join us on our mission to create a completely new, 100% digital bank that truly serves customers' best interests. We are a close-knit and fun-loving team of seasoned financial services professionals who came together for the challenge of building a bank from scratch - and we are committed to doing it all the right way (from technology infrastructure to modern marketing to customer experience).

 

The anticipated salary range for this role is between $158,000.00 and $185,000.00. The specific salary offered to an applicant will be based on their individual qualifications, experiences, and an analysis of the current compensation paid in their geography and the market for similar roles at the time of hire. The role may also be eligible for an annual discretionary incentive award. In addition to cash compensation, SMBC offers a competitive portfolio of benefits to its employees.

 

We work with the flexibility and speed of a start-up. But we also have significant stability and capital from being part of the SMBC Group (Sumitomo Mitsui Banking Corporation). SMBC is the second largest bank in Japan and the 12th largest bank in the world with operations in over forty countries. And SMBC is committed to disrupting the US marketplace with ground-breaking products.

 

It is the best of both worlds, and we are seeking proven marketing leaders to propel us towards a national launch. We have both the ambitious growth plans and the 'patient capital' necessary to execute a multi-year plan. Join us on the journey to deliver an exciting concept of evolved banking.

SUMMARY:

We are looking for a candidate with a proven background in defining and implementing security engineering solutions. As the Cloud Cybersecurity Engineer, you will provide expert advice and lead the design and implementation of the security components in hybrid cloud environment including Azure and GCP. In this role, you will lead implementing solutions with a process-driven view, as well as scheduled maintenance and/or updates to existing structures.
 

PRINCIPAL DUTIES AND RESPONSIBILITIES:

  • Plan and design methods for the optimization and integration of various forms of technology systems or policies and high-level principals.
  • Apply varied engineering and design theories to produce robust, integrated functioning of various systems, technology interfaces, and/or overarching information policies and high-level principles.
  • Assess the functioning of overall technology and communications systems and end-to-end processes and look for ways to upgrade and optimize systems and processes in the future.
  • Work across the architecture and technology organization to ensure effective implementation, architecture compliance, and conflict resolution.
  • Implement selected security solutions in the Azure and GCP Cloud environments.  This would include security related policy, deployment of end-point controls, and securing Kubernetes.
  • Build the DevSecOps program vision and strategy covering all aspects from architecture, design, development, and deployment.
  • Build and publish application security standards, design patterns and secure coding standards for web and mobile security
  • Build and implement API Security vision and strategy including protection capabilities for securing APIs throughout their life cycle
  • Establish encryption standards for the organization
  • May participate in other ad-hoc projects to upgrade or install cloud components, workstations, networks, or software, or to assess and optimize overall functioning of technology, data, and processes.

POSITION SPECIFICATIONS:

  • Minimum of 7 years of experience in Cybersecurity and/or related field. 
  • Bachelor’s degree or equivalent work experience, Azure/ GCP certifications
  • Experience designing, building, and implementing security architecture within cloud environments (AWS, Azure, GCP, etc.) Azure and GCP preferred.
  • Proficient knowledge and use of Terraform for automation is preferred.
  • MS Defender, Sentinel, CrowdStrike, Rapid7, Imperva, Palo Alto Firewalls and native cloud firewalls
  • Experience with industry security frameworks (CIS, NIST)
  • Foundational and functional understanding of how APIs works (RESTful)
  • Understanding of API and Service Mesh security - specifically on common controls for API security (SSO, OAuth, Threat Protection)
  • Applicable security certifications desired; CISSP, CEH, GIAC, GSEC, or CSSLP or advanced degree in InfoSec.
  • Azure/GCP Architecture certification preferred.
     

EOE STATEMENT
We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law.

 

CCPA DISCLOSURE
Personal Information Collection Notice: This notice contains information under the California Consumer Privacy Act (CCPA) about the categories of personal information (PI) of California residents that SMBC MANUBANK collects and the business or commercial purpose(s) for which the PI may be used. We do not sell PI. More information about our collection and use of PI may be found in our CCPA Privacy Policy at https://www.smbcmanubank.com/privacy/ccpa-disclosure. Persons with disabilities may contact our Customer Contact Center toll-free at (877) 560-9812 to request the information in this Notice in an alternative format.

Apply