Cyber Security Engineer

Cyber Security Engineer

As an integral member of NCBs IS team, the IS Cyber Security Engineer will collaborate with the Information Technology Teams on all activities necessary to ensure the safety of NCBs information system assets while protecting the systems from unauthorized internal and external access across NCB.

1. Contribute to the development, advancement, and automation of NCBs security projects, initiatives, and security controls including effective security monitoring and alerting. 45%
   1. Design security architecture elements to mitigate threats and work with IT and other teams to ensure proper implementation.
   2. Conceptualize solutions that align enterprise security architecture frameworks and standards (e.g. NIST 800-53, NIST CSF, FFIEC, PCI, CIS) with overall business and security strategy.
   3. Participate in risk assessments for new technologies and projects.
   4. Utilize secure configuration management processes.
   5. Assist in developing a disaster recovery and business continuity plan to identify and prioritize system functions required to promote resiliency of critical business processes.
2. Monitor and track the performance of security controls to protect information and network infrastructure and architecture. 25%
   1. Conduct analysis and monitoring of security controls.
   2. Perform security assessments as needed, identify gaps in existing security architecture, and recommend changes or improvements.
3. Consult with Tier 1 engineers on troubleshooting, configuration, and maintaining security infrastructure software and hardware. 15%
   1. Assist with the installation of software that monitors systems and networks for security breaches and intrusions.
   2. Monitor systems for irregular behavior and ensure that preventive measures and incident response processes are set up. Assist NCB with exams, internal and external audits, risk assessments, and penetration tests.
4. Assist the Chief Information Security Officer and Security Team. 15%
   1. Document security requirements and controls for protecting information, systems, and technology assets.
   2. Define and document how the implementation of a new technology impacts the security posture of the current environment.
   3. Provide input on security requirements to be included in request for proposals (RFPs), statements of work (SOWs), and other procurement documents.

Minimum Qualifications:

• 5 years of related experience with a bachelor’s degree; or equivalent experience.
• Industry-recognized security, network, or other professional certifications sponsored by organizations such as SANS, ISC2, Microsoft, Cisco, and Offensive Security. Security certifications such as CISSP, CISM, GIC, CISA, CRISC, are preferred.
• Ability to communicate and present complex issues and ideas with precision and clarity, adjusting appropriately for the audience; ability to communicate effectively at all levels of the organization including communicating technical solutions to project management, development team, operations team, information security team and IT solutions team.
• Experience with the following industry/regulatory requirements and frameworks: ISO27001, SOC2, PCI/DSS, SOX, NIST 800-53, NIST CSF, CIS.
• Well-rounded knowledge of networking (ex. Windows, LAN/WAN, routing, firewalls, cloud services).
• Ability to manage multiple projects and initiatives in a fast-paced environment.

Eligibility requirements may differ for each benefit or program.

National Cooperative Bank, N.A. is an Equal Employment Opportunity Employer (EOE/AA)