Come join TCM Bank’s Information Security Team and help protect the confidentiality, integrity, and availability of information systems. This exciting role will assist the SVP, Information Security Officer to ensure compliance of systems with existing policies while adopting innovative new cybersecurity solutions to help TCM Bank meet its goals. This is a remote opportunity!
Information Security Engineer
(Remote - Full-Time)
DUTIES & RESPONSIBILITIES
- Analyze and provide expertise, advice, recommendations on new, innovative information security solutions in an environment with rapidly advancing technologies and concepts.
- Participate in the planning and design of enterprise security architecture, technology processes, and solutions; including security information and event management, anti-malware, intrusion prevention, e-mail and web gateways, vulnerability management, public key management, certificate management, physical security management, identity, and password management solutions, etc.
- Collaborate with IT Operations team on security processes, controls, and project initiatives. Including the deployment, integration, and initial configuration of all new security solutions and any enhancements to existing solutions per standard best operating procedures and the Bank's enterprise security strategy.
- Investigate and respond to security events and potential incidents. Prepare reports on response, threat, and mitigation actions.
- Monitor, identify and assess suspected or detected information security concerns. Escalate to appropriate staff.
- Support the Bank’s data breach and Incident Response Program, including all policy and procedural updates and annual testing.
- Provide coordination and maintenance of disaster recovery, contingency planning, and testing to mitigate against systems and information losses and assure a successful recovery of Bank systems and information.
- Provide guidance and education on security policies, practices, and standards.
- Support business impact analysis and risk assessments. Identify and work with impacted teams to recommend solutions, remediate vulnerabilities, propose and document compensating controls, and ensure the documentation of exceptions.
- Perform regular vulnerability scans, assessments, and support third-party audit requests, including simulating attacks to identify and defend potential areas of vulnerabilities.
- Create and maintain documentation related to security policies, procedures, incidents, audits, designs/configurations, processes, and requirements.
- Protect and maintain the confidentiality of company and customer information, policies, and processes.
- Maintain knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
- Review all security alerts through well-known security communication channels such as NIST, US-CERT, FS-ISAC, SANS, etc. Work with the IT and Security Operations teams to identify any alerts that may impact the Bank and its systems and applications, determine the remediation steps required, and coordinate with appropriate staff on implementation.
- Perform other related duties as assigned.
- At least three (3) years in an IT Security role with direct hands-on experience administering Unix/Linux and Windows systems, complex networks, monitoring and analysis, cyber threat and vulnerability analysis.
- Information technology or security certification required in at least one of the following: (CISSP, CISA, CISM, CCSP, GSE, GSNA, GSAE)
- Association with security industry groups (ISSA, ISACA, (ISC)2, ASIS) required
- Detailed knowledge of system security technology and information security programs (encryption, data protection, design, privileged access, RBAC, etc.)
- Demonstrated experience implementing a security framework and related controls such as the NIST Cybersecurity Framework, NIST-800-53, NIST 800-171, PCI-DSS, and AICPA SOC2 Type II.
- Knowledgeable of compliance issues related to PCI DSS and other financial requirements such as FFIEC, GLBA, NCUA, NACHA, etc.
- Ability to understand and interpret technical concepts and procedures; general understanding of platform/application-specific technology, such as intrusion detection, firewalls, host-hardening, vulnerability management, encryption, patch management, and shell/web scripting.
- Strong customer service skills with the ability to interact with all levels of personnel through verbal and written communications.
- Expertise to translate complex technical concepts into business or “common” language; ability to think and act pragmatically rather than in the absolute realm of information security.
- Ability to manage multiple projects, work in a fast-paced environment, and meet deadlines.
- Experience in performing 2nd level analysis and interpretation of information from SOC systems, incident identification/analysis, escalation procedures, reduction of false positives, response, and containment strategies.
- Familiarity with using and applying open and closed-source resources within a corporate environment.
- Knowledge of authentication technologies and processes (VPN, SSL, SSH, PKI, etc.); experience implementing a manageable and scalable public and certificate management infrastructure.
- Experience in monitoring, evaluating, and interpreting vulnerabilities, CVEs, remedies, mitigation measures, techniques for escalation, social engineering tactics, phishing techniques, and performing risk/vulnerability assessments.
- Ability to exercise discretion and good judgment in making decisions.
- Capable of finding solutions through technical documentation, internet searches, or peer interactions.
- Flexibility and capability of working under high pressure in a complex environment.
TCM Bank, N.A., a subsidiary of ICBA Bancard, serves as a trusted advisor to community banks, helping build and strengthen customer relationships with a market competitive and fully branded consumer and business credit card agent program. Through our Total Card Management program, we serve as a direct issuer of credit cards for banks who prefer not to issue cards themselves. TCM Bank has been in business for over 21 years and has grown to over 100 employees nationwide. We are now partnered with over 800 financial institutions across the United States, and proud to meet the credit card needs of more than 320,000 customers. We are a Community Bank that believes in Community Banks.
Outstanding benefits package - 100% premiums are company paid! Salary range for this position is $65,000-$75,000.
TCM Bank, N.A. embraces the diversity of its applicants and employees and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status or any other characteristic protected by applicable law.
TCM Bank is located in Tampa, FL. This is a remote opportunity. Qualified candidates located in the states where we do business will be considered.
No sponsorship is available for this position.
Principals Only. No Agencies Please.
Let us know
Help us maintain the quality of jobs posted on RemoteTechJobs and let us know if:
Section 1: Position SummaryReporting to the BISO, the Application Security Engineer is responsible for the application security program. This position requires a passion for data protection, possesses a combination of either application development and/or.
Overview:Are you a Senior Security Analyst that would like to be part of delivering initiatives for digitization, automation, modernization, infrastructure, security, and interoperability of systems and processes to provide Veterans and their families.
Gray Tier Technologies is seeking a talented Lead Splunk Engineer to join our team to support a federal customer within the Department of Homeland Security (DHS) Enterprise Security Operations Center (ESOC). The Splunk Engineer provides support across.
IoT Security EngineerFully RemotePermanent Hire: $125,000 - $135,000 depending on relevant experienceInsight Global is seeking a Security Engineer to work at one of our top manufacturing clients. This person is going to be responsible for the security.
Description:Overview:Vaultes is a rapidly growing enterprise IT and cybersecurity company headquartered in the Washington DC metro area. Serving customers across the Federal government and commercial sectors, we use our broad experience and deep technical.
Opala is growing and seeking an experienced Application Security Engineer to complement our team. This Engineer will be responsible for reducing risk across Opala along with partnering with engineering and product teams during each point of the software.
More jobs by this company
SummaryThis position is responsible for maintaining and supporting:ICBA's Association Management System (AMS) - NetForumSQL Server and Data WarehouseCustom Applications & Web ProjectsDuties & ResponsibilitiesAssociation Management System (AMS) - NetForum.
Come join TCM Bank’s Information Security Team and help protect the confidentiality, integrity, and availability of information systems. This exciting role will assist the SVP, Information Security Officer to ensure compliance of systems with existing.