The Senior Information Security Engineer performs project leadership on information security efforts while simultaneously providing infrastructure support on several security technologies. This position provides leadership to efforts that are large and cross department boundaries. This position is responsible for monitoring the IT security infrastructure in a corporate network. He/she will articulate technical security requirements, monitor the effectiveness of the existing IT security controls framework, and raise the level of security awareness and policy compliance among workforce members.

ESSENTIAL DUTIES AND RESPONSIBILITIES

• Works directly with Information Security Manager and others in the planning, development, and maintenance of corporate data security plans, policies, and procedures. Helps to identify and document business unit information security requirements and ensure corporate information security plans comply with regulatory requirements.
• Work directly with all members of the Information Security Group and other applicable departments to develop an efficient, effective security organization that uses repeatable and defined processes, standards, and procedures.
• Facilitate penetration testing and audit participation, where applicable. Participate in the collection of security process/control details and artifacts in support of internal and external IT audits and assessment activities.
• Monitor all authorities, permissions, Firewalls, event logs, and other administrators for all platforms to identify abuse/misuse of elevated privileges.
• Microsoft Azure security architect with strategic analysis and enterprise-wide technology experience to contribute toward the success of our Cloud initiatives. Facilitates research, design, development, and integration of emerging Cloud security technologies to align with security and regulatory goals and objectives. Leads development of Cloud security architectures. Creates architectural principles to support information security. Consults with senior managers and other IT professionals to establish security and regulatory requirements for standard IaaS/PaaS patterns. Understands and models key security processes and tools, security controls, and their impact on strategic Cloud patterns. Formulates conceptual architectures and communicates architectural vision, goals, and objectives to multiple audiences. Leads the development of Cloud security strategies and on-boarding for emerging Cloud services and technologies, evaluating usefulness and risk, and making recommendations regarding selected services and technologies. Assists senior managers in developing the vision and strategy for securing First Bank's use of the private Cloud. Guides and consults with IT and business management regarding use of specific Cloud services and technologies. Identifies risks associated with current or new technologies and Cloud services. Provide subject matter expertise for controls objectives, audit, and regulatory assessments.
• Collaborate with Information Security practitioners, Technical Support Center staff, and others as appropriate to ensure the security of the network infrastructure, servers, desktops, peripherals, and mobile computing devices.
• Assist the Information Security Manager in the continuous review, evaluation, and rollout of security tools and security administration tools. Configure, implement, monitor, and support security software/systems that will help ensure compliance with regulatory, industry, and corporate policies and procedures. This includes but is not limited to IDS/IPS (Host/Network/Wireless), cloud based technologies, data loss prevention, firewalls, log management/correlation (SIEM), secure password storage/retrieval, application whitelisting, and vulnerability management.
• Provide leadership in the identification, response, investigation, and remediation of potential breaches of and issues surrounding data security.
• Ensure security best practices are identified and integrated into all facets of projects, including network, system designs/configuration, and implementations.
• Establish and maintain Information Security related disaster recovery plans, and participate in the planning and execution of scheduled exercises.
• Maintain current understanding of regulations and guidelines regarding information security. This includes the continuous professional development of banking and information security standards and best practices and to maintain technological currency in network, client server, and internet/intranet platforms.
• Other duties may be assigned.
• This is a "work-remote" position

• Bachelor's degree (B. S.) or equivalent from four-year College or university, technical or business related degree is preferred;
• Minimum of five years data processing, audit, security or related experience and/or training; or equivalent combination of education and experience.
• Possesses proven technical abilities, demonstrated leadership, business expertise and superior past performance.
• Strong PC skills required; Strong organizational and analytical skills required; Strong Microsoft Azure experience required
• Experience with the following technologies and concepts are highly recommended:

Qualys Vulnerability Scanner

Privileged Access Management

Identity and Access Management

Network Access Control/Segmentation

Application Whitelisting

Cloud Computing

DNS/Certificate Management

• This is a "work-remote" position but if locally assigned, a real plus
• Multi-lingual, a plus
• U.S. Military Veterans are encouraged to apply
• Must be a US Citizen

Be a part of a growing company that is truly committed to its employees and clients. Consider joining the First Bank family. As a member of our family, you are part of one of the largest independent banks in the U.S. We are proud of our growth and success over the past 100 years and look forward to a bright and promising future.

At First Bank one of our biggest strengths is the diversity of our people. Our mission is to capitalize on the diversity of our associates and promote personal and professional development throughout every area of the organization. We encourage diversity by actively seeking employees from various backgrounds, walks of life, and job skills. We strongly encourage you to apply whenever a First Bank job opportunity interests you.

First Bank is a VEVRAA Federal Contractor and an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.

Attn: Applicants interested in a San Francisco based position: First Bank will consider qualified applicants with a criminal history in a manner consistent with the San Francisco Fair Chance Ordinance.