Senior Information Security Engineer (Temp)

Fremont Bank - Hayward, CA3.5

Full-time | TemporaryEstimated: $110,000 - $150,000 a year

Fremont Bank founded in 1964, is one of the oldest independently owned banks in the Bay Area and is one of the top rated mid-tier banks in the nation. Voted a Top Workplace for 2019 and for the past nine consecutive years, Fremont Bank has an immediate opening for a Senior Information Security Engineer (Temp) in Hayward, CA.

Position Overview

Senior Information Security Engineer implements and executes the network security controls across multiple data centers. The role will coordinate a variety of network and infrastructure requests between teams, partners, and clients and evaluate new and existing network/security architecture requirements, participate in system design, and provide technical assistance as required. In addition, this role will build and manage new appliances, manage and maintain existing appliances. Additional duties will also include vulnerability management, rotating on call schedule, conducting third party risk assessments, performing vulnerability scans, troubleshooting and responding to alerts and assisting with the development of policies and standards.

Role and Responsibilities

  • Network security review and troubleshooting
  • Worked with and deployed various security appliances
  • Resolve network and system security issues using computer host analysis, forensics, and reverse engineering
  • SIEM alert management
  • Resolve network and system security issues using computer host analysis, forensics, and reverse engineering
  • Maintain security requirements
  • Monitor, Review and Troubleshoot alerts
  • Antivirus policy management
  • Manage Vulnerability tools and scans
  • Test security measures including OS patches, system hardening, and application configuration
  • Project security representation
  • Security compliance monitoring
  • Produce security standards
  • Participate in project meetings to advise business stakeholders and IT staff on best practices
  • Escalation for technical security questions and problems
  • Network security audit
  • Understand and develop countermeasures against network attacks using vulnerability analysis and knowledge of exploit techniques
  • Perform security research
  • Produce security risk advisories based on newly identified threats and risk assessment
  • Security tool evaluation, testing, selection, certification, and integration
  • Perform and document internal and external vulnerability assessments
  • Create lab environment and automate test procedures associated with above testing

Minimum Qualifications

  • Bachelor's degree in Information Systems, Computer Science, Information Security, Information/Cyber Security, Network Security, or related technical discipline required; advanced degree is a plus
  • CISSP, CISM, CISA, Security+ or other recognized information security certifications or accreditations are a plus
  • Minimum of 5 years of recent, consistent hands-on experience in Information and Cyber Security with modern technologies.
  • Anti-Virus experience a plus
  • Familiarity with network technologies (switches, routers, firewalls, VPNs, remote connection technologies, and multiple domain environments)
  • Experience with systems analysis including, but not limited to: Gathering requirements from stakeholders, Constructing RFP/RFQs, devising and planning proof-of-concepts, defining use and test cases, driving critical security infrastructure projects, creating cogent status reports for senior management, strong technical understanding of vulnerabilities, and how attackers can exploit vulnerabilities to compromise systems
  • Working knowledge of security technologies such as DLP, SIEM, IDS/IPS, Web filters, two factor authentication, web application firewalls, Active Directory Group Policy
  • Ability to establish both SLA and KPI driven metrics for measuring performance
  • Familiarity with tools like Nessus, Rapid7, FireEye, BlueCoat, Juniper, F-5, Cisco, Palo Alto Networks, MDM solutions are a plus
  • Knowledge of vulnerability sources such as SANS, US-CERT, commercial vendors (Symantec, SecureWorks, McAfee, IBM, etc.)
  • Knowledge of public intelligence sources such as ICS-CERT, FBI Infragard, HSIN
  • Excellent verbal, written, and presentation skills; in particular, demonstrated ability to effectively communicate technical and business issues and solutions to multiple organizational levels internally and externally as needed
  • Solid analytical and problem solving skills; ability to think strategically and turn ideas into actions.
  • Able to work independently, yet seamlessly integrate activities with other teams when needed
  • Ability to lead, guide, support, and mentor staff
  • Ability to work with little supervision and consistently deliver results
  • Able to lift 50 lbs. and see color coded events.
  • 24/7 Rotating On Call Schedule
  • Previous experience in the financial industry is preferred
  • McAfee Suite
  • WAF, PAN, Cisco ASA firewalls
  • Symantec Security Products

Job Types: Full-time, Temporary