The Lead Engineer Security Assurance will be responsible for providing technical expertise to support the security of the organization's technology products. This includes managing security tools, identifying vulnerabilities, and providing recommendations for remediation. Additionally, the candidate will lead efforts to automate security processes, implement configuration management, and develop security processes around the Infrastructure & Application Security program. This position will be required to collaborate effectively with cross-functional teams and to provide guidance to business stakeholders on security-related matters. Ultimately, the Lead Engineer Security Assurance will play a critical role in safeguarding the organization's assets and maintaining a high level of customer satisfaction.
Main Activities
Lead and provide security testing using tools such as DAST, SAST, Mobile DAST, SCA, RASP, EASM & API Security.
Design, implement and operate security solutions for the following capabilities: vulnerability management, infrastructure & application security.
Manage the attack surface of Equitable Bank by identifying, prioritizing and mitigating potential threats and vulnerabilities according to the organization's risk appetite.
Build and manage relationships with stakeholders across the organization to ensure effective communication and collaboration on information security matters
Implement and manage configuration management tools and processes across the organization's infrastructure & applications to ensure consistent and secure configurations
Keep up to date with the latest security threats and vulnerabilities and assess their impact on the organization
Evaluate and implement new tools and technologies to improve the automation and efficiency of existing processes
Develop and maintain technical documentation, including standards, technical security configurations and procedures
Knowledge/Skill Requirements
A college diploma or university degree is required. Higher accreditation (e.g. Bachelor of Computer Science) is preferred.
5 years of experience in information technology/information security
Proven expertise in deploying and operating security infrastructure solutions is required.
Experience in scripting or programming languages such as Python, Ruby or PowerShell to automate security functions is preferred.
Experience in cloud environments is required
Excellent analytical and problem-solving skills
Strong verbal and written communication skills
The following certifications are preferred: CCSP, CCSK, CISM, CISSP or CRISC.
Understanding and experience with PCI DSS, MITRE ATT&CK, BSIMM, NIST, ISO 27K series is an asset.
Experience working in a banking or financial services environment is an asset.
Understanding of DevSecOps (CI/CD Pipelines, Shift-left, SCM, etc.) approaches to automate security testing is an asset.
Understanding of Vulnerability Management, Risk Acceptance and IT practices such as ITIL.
Accountability
Reports directly to the Manager Enterprise Security Assurance & Testing (ESAT)
This position sets priorities for themselves but also makes decisions in their domain of accountability.
This position is empowered to make decisions that impact their own position; however, there is decision-making involved relating to vulnerability management which could have a potential impact on the overall reputation of the bank and, as such, should follow the bank's IT Change management process.