Information Security Engineer II

Summary

At Simmons Bank the Security Engineering Team is responsible for the design implementation and maintenance of security solutions to include but not limited to: Identity & Access Protection Email Security Network Security Endpoint Protection Data Protection and Vulnerability Management. These security solutions secure critical business operations and protect our customers and data.

You will join a team of Associates dedicated to ensuring the security of the corporate network and be responsible for the day-to-day operation of the Information Security Program.

Level II Security Engineers are primarily responsible for the implementation and maintenance of security systems and supporting end-users use of the Companys security services. Level II Security Engineers operate with limited direct supervision and provide mentoring of Level I Security Engineers.

Essential Duties and Responsibilities

Systems Engineering

• Contributes substantially to the design and implementation of security systems as needed

• Identifies and documents system security requirements to assist with solution selection

• Assists with the evaluation of new technologies or process improvements that enhance security capabilities

• Serves as specialist for certain security systems as assigned

System Administration

• Configures maintains and monitors the Companys security systems including but not limited to: secure email gateway firewall VPN network access control secure web gateway security information and event management platform endpoint protection data loss prevention and vulnerability scanning tools

• Supports Level I Security Engineers with service request and incident tickets as needed

• Supports Level I Security Engineers with system changes as needed

• Handles service request and incident tickets pertaining to security systems

• Reviews system alerts and responds in accordance with established procedures (e.g. triage mitigate and escalate)

• Researches tests and presents proposed security system changes to IT and Business leadership

• Conducts security system changes in accordance with the change management process

• Collaborates with external parties (e.g. vendor support professional services and others) to maintain security technologies

• Monitors cases tickets and incidents opened with vendor support to ensure timely response and remediation

• Applies upgrades patches and other configurations in support of the patch management and vulnerability management processes

• Maintains the teams written documentation (e.g. diagrams procedures and other system information) for the Companys security systems

Administrative

• Participates in rotating on-call schedule representing the Security Engineering team

• Mentors other team members and supports cross-training

• Communicates security concerns to management in a timely manner

• Completes training related to this position as assigned in a timely manner

• Pursues IT and/or Security certifications relevant to this position

• Takes initiative and responsibility for achieving desired results

• Performs other duties as assigned

Qualifications

Education and/or Experience

• Minimum of six (6) years of experience in information technology network engineering or security engineering (required)

• Bachelors degree in a related field (preferred)

• Direct experience administering security systems such as: endpoint protection network access control web content filtering data loss prevention vulnerability scanners and firewalls ()

• Experience in operational roles supporting of IT systems networks or applications and direct experience conducting basic troubleshooting steps documenting tickets and communicating with end-users (required)

Certifications

• CompTia A Security Network or other baseline security related certifications ()

• CISSP SSCP CEH or other intermediate security related certifications (preferred)

Other Qualifications (including physical requirements)

• Must be willing to periodically work non-standard hours and be on call

• Intermediate understanding of common enterprise operating systems database systems and networks

• Basic understanding of cloud computing architecture and cloud services

• Baseline knowledge of security technology landscape and emerging security technology

• Working knowledge of Microsoft Windows operating systems for advanced troubleshooting techniques

• Ability to read and interpret documents and follow written or verbal instructions

• Ability to transform technical details and processes into written instructions playbooks and procedures

• Ability to conduct oral and written communication and present in a professional manner to internal and external parties

• Ability to prioritize assignments while working on multiple projects

• Ability to manage their own time with awareness to escalate issues promptly and with focused on meeting SLA targets

• Ability to work independently with limited supervision

• Possesses service-oriented mindset and strong customer service skills

Please note this job description is not designed to cover or contain a comprehensive listing of activities duties or responsibilities that are required of the employee for this job. Activities duties and responsibilities may change at any time with or without notice.